Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-61729 (GCVE-0-2025-61729)
Vulnerability from cvelistv5 – Published: 2025-12-02 18:54 – Updated: 2025-12-03 19:37- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.24.11
(semver)
Affected: 1.25.0 , < 1.25.5 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-61729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T21:52:36.341575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T21:52:58.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "Certificate.VerifyHostname"
},
{
"name": "Certificate.Verify"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.24.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.25.5",
"status": "affected",
"version": "1.25.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philippe Antoine (Catena cyber)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T19:37:14.903Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/725920"
},
{
"url": "https://go.dev/issue/76445"
},
{
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"title": "Excessive resource consumption when printing error string for host certificate validation in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-61729",
"datePublished": "2025-12-02T18:54:10.166Z",
"dateReserved": "2025-09-30T15:05:03.605Z",
"dateUpdated": "2025-12-03T19:37:14.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-61729",
"date": "2026-06-30",
"epss": "0.00451",
"percentile": "0.35925"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-61729\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-12-02T19:15:51.447\",\"lastModified\":\"2026-06-17T09:50:48.507\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"crypto/x509\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"crypto/x509\",\"programRoutines\":[{\"name\":\"Certificate.VerifyHostname\"},{\"name\":\"Certificate.Verify\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.24.11\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.25.0\",\"lessThan\":\"1.25.5\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-12-02T21:52:36.341575Z\",\"id\":\"CVE-2025-61729\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.24.11\",\"matchCriteriaId\":\"F2E6FD2A-A487-4099-B91D-2429F286AC6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.25.0\",\"versionEndExcluding\":\"1.25.5\",\"matchCriteriaId\":\"39C03A37-B94B-46E4-B1C2-A70A870F8E53\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/725920\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/76445\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-4155\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-61729\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-02T21:52:36.341575Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-02T21:52:53.822Z\"}}], \"cna\": {\"title\": \"Excessive resource consumption when printing error string for host certificate validation in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Philippe Antoine (Catena cyber)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.24.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.25.0\", \"lessThan\": \"1.25.5\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Certificate.VerifyHostname\"}, {\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/725920\"}, {\"url\": \"https://go.dev/issue/76445\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-4155\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-12-03T19:37:14.903Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-61729\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-03T19:37:14.903Z\", \"dateReserved\": \"2025-09-30T15:05:03.605Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-12-02T18:54:10.166Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:5533
Vulnerability from csaf_redhat - Published: 2026-03-24 04:02 - Updated: 2026-07-01 00:17A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5533",
"url": "https://access.redhat.com/errata/RHSA-2026:5533"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5533.json"
}
],
"title": "Red Hat Security Advisory: osbuild-composer security update",
"tracking": {
"current_release_date": "2026-07-01T00:17:04+00:00",
"generator": {
"date": "2026-07-01T00:17:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5533",
"initial_release_date": "2026-03-24T04:02:36+00:00",
"revision_history": [
{
"date": "2026-03-24T04:02:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-24T04:02:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:17:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-7.el9_0.src",
"product": {
"name": "osbuild-composer-0:46.3-7.el9_0.src",
"product_id": "osbuild-composer-0:46.3-7.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-7.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-7.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-7.el9_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-7.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-7.el9_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-7.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-7.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-core-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-7.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-7.el9_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-7.el9_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src"
},
"product_reference": "osbuild-composer-0:46.3-7.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-core-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T04:02:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5533"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T04:02:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.src",
"AppStream-9.0.0.Z.E4S:osbuild-composer-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-debugsource-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-0:46.3-7.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-7.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:5544
Vulnerability from csaf_redhat - Published: 2026-03-24 06:55 - Updated: 2026-07-01 00:17A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5544",
"url": "https://access.redhat.com/errata/RHSA-2026:5544"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5544.json"
}
],
"title": "Red Hat Security Advisory: osbuild-composer security update",
"tracking": {
"current_release_date": "2026-07-01T00:17:04+00:00",
"generator": {
"date": "2026-07-01T00:17:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5544",
"initial_release_date": "2026-03-24T06:55:51+00:00",
"revision_history": [
{
"date": "2026-03-24T06:55:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-24T06:55:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:17:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-5.el9_6.src",
"product": {
"name": "osbuild-composer-0:132.2-5.el9_6.src",
"product_id": "osbuild-composer-0:132.2-5.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-5.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-5.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-5.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-5.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-5.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-core-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-5.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-5.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-5.el9_6.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src"
},
"product_reference": "osbuild-composer-0:132.2-5.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-core-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T06:55:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5544"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T06:55:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5544"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-5.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-5.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:5636
Vulnerability from csaf_redhat - Published: 2026-03-24 14:23 - Updated: 2026-07-01 06:09A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
Workaround
|
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — |
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
Workaround
|
A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The multicluster engine for Kubernetes 2.7 General Availability release images,\nwhich add new features and enhancements, bug fixes, and updated container images.",
"title": "Topic"
},
{
"category": "general",
"text": "The multicluster engine for Kubernetes v2.7 images\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5636",
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25639",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5636.json"
}
],
"title": "Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update",
"tracking": {
"current_release_date": "2026-07-01T06:09:51+00:00",
"generator": {
"date": "2026-07-01T06:09:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5636",
"initial_release_date": "2026-03-24T14:23:47+00:00",
"revision_history": [
{
"date": "2026-03-24T14:23:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-24T14:23:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T06:09:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.7",
"product": {
"name": "multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.7::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3Afe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3A08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185824"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3A76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773445006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3Afb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773531423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3A111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091098"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3A694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091113"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3Af02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091117"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3Adc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3A5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773873328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3A1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773639118"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3A7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773100128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773869889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3A618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773688774"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3A365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398921"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3Ad6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773877068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3A9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3A1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091077"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3Ab22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3A9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773741020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3Ad24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3A04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091099"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970964"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3A5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970966"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3A2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3A4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3A53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185824"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3Aa2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3Afb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773445006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3A8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773531423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3A4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091098"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3Adabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091113"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3A6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091117"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3A2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3Ae5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773873328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3Abf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773639118"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3Ad07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773100128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773869889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3A92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773688774"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3Ad0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3Ae91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398921"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3A06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773877068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3A2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3Af3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091077"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3Ab34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3Ac29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773741020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3Afce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3Ae8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091099"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970964"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3Aa47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970966"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3A495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3Ad00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3A1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185824"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3Ac4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773445006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3Aec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773531423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3Aca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091098"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3Ad35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091113"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3Af87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091117"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3A4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3A89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773873328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3A8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773639118"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3A8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773100128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773869889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3Acacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773688774"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3A775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398921"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3A4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773877068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3A99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3A259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091077"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3A21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3A6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773741020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3A31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3A92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091099"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970964"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3Aae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970966"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3Aa80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3Ac09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3Aaed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185824"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3Ac6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773445006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3Ae146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773531423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3A1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091098"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3Ac0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091113"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3Abbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091117"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3A674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3A04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773873328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3A4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773639118"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3A2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773100128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091107"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773869889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3A0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773688774"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3Adb93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773398921"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3Adc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773877068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3Aa99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773185866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3A90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091077"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3A6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091070"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3A7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773741020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3A66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3A4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773091099"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970964"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3Ad2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970966"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3A86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773970968"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
},
{
"cve": "CVE-2026-25639",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-02-09T21:00:49.280114+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438237"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "RHBZ#2438237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57",
"url": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.13.5",
"url": "https://github.com/axios/axios/releases/tag/v1.13.5"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433",
"url": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433"
}
],
"release_date": "2026-02-09T20:11:22.374000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T14:23:47+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:4667db4cc9699f5e41cda6388eb7371ad9c8c73a92a7fc19115ddd48b562e56e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:c09c8b8f588cac2b8c4b15a79de635971f002419ffc2b4d967f383160897e2dd_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:d00a17c4162336d52d47452f13d2470ddd4f9d6913759472791ee4d8bfc34d46_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:fe8b267cb2ea707fda229bae30ca074079da2909e7313eff06ba9eb2fb529237_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:76d00b37dc5c5d7bf489f55f3a41a953677449491b01c789bf7b29c789c461b7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a2fa219ec0da0910c1a858ac43d53288f2cf434c26fcb6cd8185e9d6f13a1ebd_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c4e710e3ab66dfbcb3f2db4d17f73aea44ea9d2649e5f5cec94c1b51644809cf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:c6a8bf6b7644c45a41d4c8a1c31cc08e03b6ac5ed36f562256cb1509f26a47c7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:6ae1271bcaebb79d7dd48fa4bb89f2cf0bf450cce004899feee7d1a53d230a81_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:8ffc2f2cdfd7753c083ca083a42da60b8783d09b6817c6b22c38c91d67c0b4a5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9295aea24d0997fd5112e4bc6701f15e5ed2ee54f298d134aef5c9d499ad7ce5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:fb103ee7a47badea6dfd32f698cc209bb2242dd90b51986cea6f26a03ade9516_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8173d4f41f25103f387f1b148f9e90eba72abeccd506bfe657f6fd54cbbcf395_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:e146412fb2f0d808cf6a0faa5f39e54032cd4b6c594d67795bb81883ebf0b386_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:ec486aa31c687d3f9e8dffe7ae5018b9ce3cc8795a91765c237eb72b2f6984c5_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:fb47b5a6d4fe1c966eb29109c27a5e323b6b4e665a2754f234979cef4bfc6fc2_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:111a02c966b528a619c9ad5942151e64374e0c57d80be21f91c0f41469c63c19_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:1396ea60940f7dfc33d67d918dd82d62f780d0e837e12785ccec2ada30ce3f93_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:4c393e89346494a9abd31c664e977edacd6ca8bf1f1c28c2aa9a6625f0d02d9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:ca4d807da014acefb7e963000cd2431352087dd908491ff4189592f53dec93ff_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:694ac8be10bee34d7c34fdcabde7dfdf1558053cac0479eca4677971c09589e6_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c0b2cdac26577de087dfd119ff0e2f996f211cd9021bed43d01e286fe166642d_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:d35fb00e5d71a79ec679d7bb9911c4974ca4ebe334e76461270594feda1a7378_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:dabdf0f6fec7ebd5b86034281ae740aea0e77146e33bdd04c01590745b68ea8e_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:6e44a95fd942fad8a4f43379d100d2f11808caef975afbafe244543b2f33e2b1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:bbcbedae29915aecb2d0722d16a5265b214714b2e8695f4885395982507950f8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f02386b7e2476ab45ef771bdc6034ba4148bdbbf30cb95e2110a681adaeaa03e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:f87238bec802fb8e8aa257f73eb32f3b3cacf1564677e594ca0d165ed2c0a021_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:2dc8a21ac845a94b55a048554052666910cd7e5fc2f9731d62c8911f18ac3fcb_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:4cb50e9064955ace00ee9bbc0592f5e073affa7a29d0d8a119b67bb8fc9d5a20_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:674b94c6913ca04eb711ccf438f24fe22d7332c8f7ca733a8d0e6b5b5b3f99ab_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:dc747542c832d5868ce34b622f3cb73a3376beab272bdb156b4a5d29439173a8_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:04ac93d513d3d10d83de367893012f4098b281c89d773d5799393b1ecb184658_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:5b51bbe361be033ce654374dbf65f15a7449072207d8350959becd9921a7da1a_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:89d53a8fca9a27f188f13631f4416eb9c8460868e095ed207f55591c76ea0acf_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:e5ab3e9b45628c867d6b8babec0e2dc9b32d1b9bdf5aae9a74ac0e45b553355f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:1108dd8708d80e09fcc6cf4ecb2ec3d076f1fd22814b6c6ce2b4236143779527_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:4b8c28da26c5fcc04cfe2072965fdb957fd2ebc514afe8ab46c79d625dc7dd46_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8cbfa37103a4fb66ce05ae0a001412af7556b61b4079406c82bb82a1c7bf841a_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:bf00fb14cf15607b90bfd5719b9707081b9f4696d4296944586fc839e0210d9b_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:7141546552e4237c8b118044c3cc310ddfee917b547c36857a291c33e185bcc1_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:8aaa0f89e8e6ad810632240a7e032b6e673f69e1e4018ab6b36dd87de69ceeb8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:d07f47405187ce8f4b91686b48d4ed71336ff2bd9218b88c31f52ddc22db9238_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:47c835ad25efcfa42534a1daf7235b18b318030546e81c784027c62ab665b896_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:50276a56714a1bc1aabedbadb7f702913412f6a20db8b110986436845ee2f3c7_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:705746f64a46c4990cc3ec16236c41c64352493fdeb9f7fbbc34353ff111e267_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:9358b7c24e4c4f8e72266af077352af1af3ba61e266087cf55b7dc9ea0eddcb9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:466a01f1457e47e5b418c8e1d87cc2d92e100d635e6cbbc6224039b71d413105_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:5d81a9b6f31e72d5beddec8128e693ecacd03bbbb6640a626e06a9b4b033c47e_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:6d05352bd35932dc05bd12a06890b7e99594773791e0c8edd8492a835155acb3_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:70ad5cb3532bde1dd5a9337a7064dd8e1ff1799bcb017a2d2e6536a932ce22dc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:0c554f87aa16a5c7a6c6ee78886787b055fad40c557f1cbaa5996db9a09b41ce_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:618edff2bf45eea71e6f3e7f7b24e95f10314b146ff45ac72ea8cabb1cb373d4_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:92d36152258c9d926be0bdcfac34995f22eec3518111fbf2c768b660129f5440_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:cacde4ea2c1d98290f68b7ad0a3ca31582710a3b64442649baace5b8ee953f89_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:365a26e2d054aefe147ad411da6014e76c9d4f4646a8382b9be3f3eeb35fc6cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:775d0fbe7f2a3d4abdbb751331dbdc7457ff489e1d2aa32c93b7bec4dff2eeb4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:d0062eaae78adb437020762d1a3e555c2b5bc0fe05da89716b2e8acf673ff661_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:db93b4a928c940e66ea4ada9f69f3b20f6bf4d64146df89d8e9e5a66acd2a03c_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:0b57da9ddb495d659da29e2a699d5fedb720056f72f77e426c40c1a7bae79a87_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:52625c24cfe3921bc6c00090b150b36544410b9b877b43e148abf634cdb8c0e9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:91c20f61a7e054ac5b53b8b8ad06f110ed3db0ace9258fd9e2b3fa03f59f11ab_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:e91c55697e0d95b8c9265d0072c5b80faed4dd9dfdfeb87443f98f473fcf42bc_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:06109d274a92145cc11d4f30ed877d2a233a4852e3537d87b117e6682b911b20_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:4f7e7a8764b018c6d51c0700a76f0dcedcf5ffe85f28f66c214e36455105e32f_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:d6afe401727d8b252009042c03319fb6a9bc2cfd2ffba5e5518c9a22e91692de_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:dc366eaa2c3f3f72003f928262c03900983aaac8352615715d72bf5223b59a94_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:2a1963aa5fb3ee452084510bac3792ae508b5c9eeb41c676e13f2551d7c88d60_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9774a696206b422b52b5f1082750d7e62cccf3c7ee0e28ec156b560cf1acebb0_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:99d0b694cee080c924c2e2294af4a0a36f669129516f205b5e13a3eabd1ee019_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:a99ef9cd8f37bbf76d5bb6b81865547af9ec456b0204e36995ff86960abcf1f5_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:1b2c836336117c0e04dc30101898117b68edf6489ad9da955453cb6e4491bb33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:259049072cf889d7b72fdae5b5a17bd2d4d6fd176cb1da4274b70f02c854dea9_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:90a96bb156d096a0c55fcf27b2dc0176e56c9b7388697ed17d9bbb257c39a3aa_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:f3aa3d1b579275dcdf403867cc9b140f34cfcdc099d4b87819ef7f4978af2be1_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:21b52ad7c77dd21bc0a9a20a1ae6e2fc5d236b39e16dbfa82158ec80ef2846d4_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:6a83c52ba828f45e84550ba702ba86d5746057194d389b6959ab7486e8615b16_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b22d17d474876f6079c86518dbc04e692ade54067cd4fc0c5660d8a1ba0937cf_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b34be4d5652efaee930bd26536547fd1fc04dda4060605dabc276e59f96a0a0c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:6ab181004adafad8a5cd0155da9e107ab3989ef97007e69decb7238a9b0597da_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:7782c711aff60d9ac0d8297431eabca6945752292b16beecdb52303ad22f1553_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:9a23dfe4c781261e8db8fbb65517d69c3532fba5e897978b8a7765864b84b495_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:c29b2dc7510dcc147cf8460e4e39c0f2595edc4ff81f62c035333c6354776335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:08592505c61791b614511a2c51d9963aa3277ac9e2af98954b07e47e36ca6765_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:1145c4b8c3606c2550986f1bf352835300f58d81f6c50d63846983a666602655_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:53c5fd16cd44f631ca08f6eb51e346d99950c9b4c6860743262c068074ba3c9f_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:aed4dab31c6e0d932781c631022214fdea5b28e6ccdc00abee3e006d13befe8a_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:31acda49be5c46912447113bf6133b4457f1f49270741859cb1493b65474d203_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:66c468c37631e94fcc32442e93a149caf3ad4831d1817314983dde8ba145fd25_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:d24798fdb05f2c2959b03889dff46e58c3b15d531a3750d1cd153ae4fcfda087_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:fce0a7344e9f0d86a8d5e5dbd70a3a8ef6a55567ade0a7345ffda3344d2617d6_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:04cc5c05db5bd9bd83f529523cc003c0ebe72d1ab55b2617bee8375b5f11616e_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:4ed9ab5ffc8c4fb0dc4c9faaa13e63c81dd40e2e04784bd7f48e81a0bd734a14_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:92230ad9427b8002fca17de62427089eaa409edcaa39554a96cf16c23b41b1bd_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:e8e78077943e22dfbf24b01d40f866954e39e783711a3ceab6c6f08e8e07fdce_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:5a1f7f5125b9fff4c8b415e93eaad7257af8ffb3b70823917cf0eec075484b8b_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a47433ffe10df556b6bea4c0cc3c3f3ac508e1a9d6ab81981f7ab84afc34524c_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:ae032d3383977818eab9f396217d9de8053e6a0fe2657a21fec9b4bae58940ed_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:d2e664349d706e81882258dae2d18de73c65d09649e7ac74f5616ecb81f2ffbe_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2a8862c66d7bba87f0ab708d1644eb7c01840fc8f5b3b7373044aff4e219e000_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:2d091748418b3f6d3cdcc4b4d773c98c8a22cac2717ed5274a6d8c612af51f71_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:3589f0bf450892dbfe4bac6c5255ebec5109e1d5d2e102dfb8e3e5894427a9b5_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:4dfb3a2b2ea2a32c5cfc770c84fba0f158d2c759d3a6559b01efd365e4a19e52_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:2bc2bb010570cb1f65205b4c6f7f470e8b2242d1401f4d0ab8ba08bdabacefeb_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:495dece80910102a98e78394ca35ee5c4703d32f705f43f9813312872dd8b528_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:86ed174f04e82706d3c5a793fc94c5f3ff78ef7a442056e9ffbfdf04543e47e8_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/work-rhel9@sha256:a80ab7578c04779f5a91eb489efe6dfa821c2f22fad92f34864402604ae6d89a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig"
}
]
}
RHSA-2026:5645
Vulnerability from csaf_redhat - Published: 2026-03-24 15:38 - Updated: 2026-07-01 06:09A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le | — |
Vendor Fix
fix
|
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le | — |
Vendor Fix
fix
|
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "cert-manager Operator for Red Hat OpenShift 1.17.1",
"title": "Topic"
},
{
"category": "general",
"text": "The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities\nand certificates as first-class resource types in the Kubernetes API. This makes it possible to provide\ncertificates-as-a-service to developers working within your Kubernetes cluster.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5645",
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html",
"url": "https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5645.json"
}
],
"title": "Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1",
"tracking": {
"current_release_date": "2026-07-01T06:09:52+00:00",
"generator": {
"date": "2026-07-01T06:09:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5645",
"initial_release_date": "2026-03-24T15:38:55+00:00",
"revision_history": [
{
"date": "2026-03-24T15:38:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-24T15:39:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T06:09:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cert Manager support for Red Hat OpenShift release 1.17",
"product": {
"name": "Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cert_manager:1.17::el9"
}
}
}
],
"category": "product_family",
"name": "Cert Manager support for Red Hat OpenShift release"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-rhel9@sha256%3A9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12?arch=amd64\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774341716"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-acmesolver-rhel9@sha256%3Aabcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f?arch=amd64\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774342146"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-rhel9@sha256%3Aa1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea?arch=s390x\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774341716"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-acmesolver-rhel9@sha256%3A4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132?arch=s390x\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774342146"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-rhel9@sha256%3Ac73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13?arch=ppc64le\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774341716"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-acmesolver-rhel9@sha256%3A42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f?arch=ppc64le\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774342146"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-rhel9@sha256%3A6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f?arch=arm64\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774341716"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"product": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"product_id": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetstack-cert-manager-acmesolver-rhel9@sha256%3A3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a?arch=arm64\u0026repository_url=registry.redhat.io/cert-manager\u0026tag=1774342146"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64 as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64 as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64 as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64 as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le as a component of Cert Manager support for Red Hat OpenShift release 1.17",
"product_id": "Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
},
"product_reference": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le",
"relates_to_product_reference": "Cert Manager support for Red Hat OpenShift release 1.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T15:38:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nThe steps to apply the upgraded images are different depending on the installation plan approval policy you used\nwhen installing the cert-manager Operator for Red Hat OpenShift.\n\n- If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a\nnew version of the Operator. No further action is required to upgrade. This is the default setting.\n\n- If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.\n\nSee https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html for additional\ninformation.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T15:38:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nThe steps to apply the upgraded images are different depending on the installation plan approval policy you used\nwhen installing the cert-manager Operator for Red Hat OpenShift.\n\n- If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a\nnew version of the Operator. No further action is required to upgrade. This is the default setting.\n\n- If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.\n\nSee https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html for additional\ninformation.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T15:38:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nThe steps to apply the upgraded images are different depending on the installation plan approval policy you used\nwhen installing the cert-manager Operator for Red Hat OpenShift.\n\n- If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a\nnew version of the Operator. No further action is required to upgrade. This is the default setting.\n\n- If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.\n\nSee https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html for additional\ninformation.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T15:38:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nThe steps to apply the upgraded images are different depending on the installation plan approval policy you used\nwhen installing the cert-manager Operator for Red Hat OpenShift.\n\n- If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a\nnew version of the Operator. No further action is required to upgrade. This is the default setting.\n\n- If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.\n\nSee https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html for additional\ninformation.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T15:38:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nThe steps to apply the upgraded images are different depending on the installation plan approval policy you used\nwhen installing the cert-manager Operator for Red Hat OpenShift.\n\n- If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a\nnew version of the Operator. No further action is required to upgrade. This is the default setting.\n\n- If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.\n\nSee https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html for additional\ninformation.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T15:38:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nThe steps to apply the upgraded images are different depending on the installation plan approval policy you used\nwhen installing the cert-manager Operator for Red Hat OpenShift.\n\n- If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a\nnew version of the Operator. No further action is required to upgrade. This is the default setting.\n\n- If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.\n\nSee https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html for additional\ninformation.",
"product_ids": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:3a01605ba6dd883043f622596c54bfdfc938cdab48f4c32638e6cad807c57e9a_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:42f78dae41109753d076a75c14a9bc16096575cfdea102fdeda252665ff0381f_ppc64le",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:4974faad72c7c67e6d55f7bf8c9c2d752af17a2f48ef63153fe226b080d36132_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:abcdf8c79fe663805d3bd5e43ac73b0472b5dab8c9dd80c90e1cf54ff161f41f_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:6a2828505d9760b9d4f27d5eafa05db0d025b45787828bc5e125b7c75d1f329f_arm64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:9011ffee4064e0f466d6bc27c54f60ec2e1f041d1240548101d9ed9e0254df12_amd64",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a1bfde47d53ed34e899229870228ce35230fa216ade3e348befd9b77c2c7ceea_s390x",
"Cert Manager support for Red Hat OpenShift release 1.17:registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:c73275043cc2caad071a88cb63f3745471fae11a953291b3dd93db4d752b1b13_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:5807
Vulnerability from csaf_redhat - Published: 2026-03-25 12:32 - Updated: 2026-07-01 05:00A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
A path traversal flaw has been discovered in the keras Python library. when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A path traversal flaw has been discovered in Keras. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in Fastify, a web framework for Node.js. A remote attacker can exploit a validation bypass vulnerability by appending a tab character followed by arbitrary content to the Content-Type header. This circumvents the request body validation schemas, allowing the server to process the body as the original content type without proper validation. This could lead to unexpected data processing and potential integrity impact.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.16.4 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5807",
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12060",
"url": "https://access.redhat.com/security/cve/CVE-2025-12060"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12638",
"url": "https://access.redhat.com/security/cve/CVE-2025-12638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6193",
"url": "https://access.redhat.com/security/cve/CVE-2025-6193"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66626",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25223",
"url": "https://access.redhat.com/security/cve/CVE-2026-25223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25639",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5807.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-07-01T05:00:36+00:00",
"generator": {
"date": "2026-07-01T05:00:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5807",
"initial_release_date": "2026-03-25T12:32:51+00:00",
"revision_history": [
{
"date": "2026-03-25T12:32:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-25T12:33:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T05:00:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.16",
"product": {
"name": "Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel8@sha256%3Ab68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282100"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel8@sha256%3A022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Afd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3A4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774288148"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3A64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3Ab26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282201"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282134"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel8@sha256%3Af38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3Ac46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3A0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3Ab82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282159"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282202"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774283932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Aace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282095"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel8@sha256%3Aa880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774286327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282093"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel8@sha256%3A14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3Aa291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774283191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3Aae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282244"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel8@sha256%3Aabdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282058"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel8@sha256%3Aaa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774296584"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel8-operator@sha256%3A2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774293140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel8@sha256%3A6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282093"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3A297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774285579"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel8@sha256%3A92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282073"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-6193",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-06-20T14:05:07.010000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374032"
}
],
"notes": [
{
"category": "description",
"text": "A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod\u0027s terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "trustyai-explainability: command injection via LMEvalJob CR",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6193"
},
{
"category": "external",
"summary": "RHBZ#2374032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6193"
},
{
"category": "external",
"summary": "https://github.com/trustyai-explainability/trustyai-service-operator/pull/504",
"url": "https://github.com/trustyai-explainability/trustyai-service-operator/pull/504"
}
],
"release_date": "2025-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "trustyai-explainability: command injection via LMEvalJob CR"
},
{
"cve": "CVE-2025-12060",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-10-30T18:01:32.193676+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407443"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the keras Python library. when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python\u0027s tarfile.extractall function without the filter=\"data\" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keras: Keras Path Traversal Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12060"
},
{
"category": "external",
"summary": "RHBZ#2407443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12060"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/pull/21760",
"url": "https://github.com/keras-team/keras/pull/21760"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9",
"url": "https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9"
}
],
"release_date": "2025-10-30T17:10:43.868000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keras: Keras Path Traversal Vulnerability"
},
{
"cve": "CVE-2025-12638",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-11-28T15:01:10.693633+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417711"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in Keras. The vulnerability arises because the function uses Python\u0027s tarfile.extractall() method without the security-critical filter=\u0027data\u0027 parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keras: Path Traversal Vulnerability in keras",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12638"
},
{
"category": "external",
"summary": "RHBZ#2417711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12638"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951",
"url": "https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4",
"url": "https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4"
}
],
"release_date": "2025-11-28T14:06:02.069000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keras: Path Traversal Vulnerability in keras"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66626",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2025-12-09T21:01:10.560389+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420818"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this issue as High severity (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H, 8.3) because an attacker with basic workflow submission privileges can supply a specially crafted archive that is automatically extracted without proper validation. The attack complexity is low and does not require user interaction once the malicious workflow is submitted. Successful exploitation allows arbitrary file overwrite within the affected pod, including critical execution files, which can result in code execution at pod startup. While the impact is generally limited to the compromised pod and does not directly lead to host-level compromise, the integrity and availability impacts within the container are significant, justifying a High severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "RHBZ#2420818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66626",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66626"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-p84v-gxvw-73pf",
"url": "https://github.com/advisories/GHSA-p84v-gxvw-73pf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037",
"url": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1",
"url": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh",
"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh"
}
],
"release_date": "2025-12-09T20:19:14.680000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links"
},
{
"cve": "CVE-2025-68156",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-16T19:01:42.049157+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422891"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products utilizing the `Expr` Go library because it can lead to a denial-of-service. Exploitation requires an application to evaluate expressions against untrusted or insufficiently validated data structures containing deeply nested or cyclic references, which can cause a stack overflow and application crash. Products that do not process untrusted input with `Expr` are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "RHBZ#2422891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/pull/870",
"url": "https://github.com/expr-lang/expr/pull/870"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6",
"url": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6"
}
],
"release_date": "2025-12-16T18:24:11.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-25223",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2026-02-03T22:01:19.884891+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436560"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fastify, a web framework for Node.js. A remote attacker can exploit a validation bypass vulnerability by appending a tab character followed by arbitrary content to the Content-Type header. This circumvents the request body validation schemas, allowing the server to process the body as the original content type without proper validation. This could lead to unexpected data processing and potential integrity impact.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in Fastify, a Node.js web framework, allows remote attackers to bypass request body validation by manipulating the Content-Type header. This can lead to unexpected data processing and integrity issues in applications. Red Hat products such as Red Hat Enterprise Linux AI, Red Hat OpenShift AI, and Red Hat OpenShift Dev Spaces are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25223"
},
{
"category": "external",
"summary": "RHBZ#2436560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436560"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25223",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25223"
},
{
"category": "external",
"summary": "https://fastify.dev/docs/latest/Reference/Validation-and-Serialization",
"url": "https://fastify.dev/docs/latest/Reference/Validation-and-Serialization"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/content-type-parser.js#L125",
"url": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/content-type-parser.js#L125"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/validation.js#L272",
"url": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/validation.js#L272"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/commit/32d7b6add39ddf082d92579a58bea7018c5ac821",
"url": "https://github.com/fastify/fastify/commit/32d7b6add39ddf082d92579a58bea7018c5ac821"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/security/advisories/GHSA-jx2c-rxcm-jvmq",
"url": "https://github.com/fastify/fastify/security/advisories/GHSA-jx2c-rxcm-jvmq"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3464114",
"url": "https://hackerone.com/reports/3464114"
}
],
"release_date": "2026-02-03T21:21:40.268000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact"
},
{
"cve": "CVE-2026-25639",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-02-09T21:00:49.280114+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438237"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "RHBZ#2438237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57",
"url": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.13.5",
"url": "https://github.com/axios/axios/releases/tag/v1.13.5"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433",
"url": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433"
}
],
"release_date": "2026-02-09T20:11:22.374000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
}
]
}
RHSA-2026:5851
Vulnerability from csaf_redhat - Published: 2026-03-25 23:56 - Updated: 2026-07-01 00:13A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x | — |
Workaround
|
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le | — |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "DevWorkspace Operator 0.40.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "The DevWorkspace Operator extends OpenShift to provide DevWorkspace support.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5851",
"url": "https://access.redhat.com/errata/RHSA-2026:5851"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://redhat.atlassian.net/browse/CRW-10575",
"url": "https://redhat.atlassian.net/browse/CRW-10575"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5851.json"
}
],
"title": "Red Hat Security Advisory: DevWorkspace Operator 0.40.0 release.",
"tracking": {
"current_release_date": "2026-07-01T00:13:36+00:00",
"generator": {
"date": "2026-07-01T00:13:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5851",
"initial_release_date": "2026-03-25T23:56:41+00:00",
"revision_history": [
{
"date": "2026-03-25T23:56:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-25T23:56:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:13:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "DevWorkspace Operator 0.4",
"product": {
"name": "DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devworkspace:0.40::el9"
}
}
}
],
"category": "product_family",
"name": "DevWorkspace Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-operator-bundle@sha256%3Ab22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773959130"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773527262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953548"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3Aab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773527262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953548"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3Ade7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773527262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3Abf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953548"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773527262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1773953548"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T23:56:41+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5851"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T23:56:41+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5851"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T23:56:41+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T23:56:41+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:b22a283fc83e7b6d99cd35afd6c8b066026fb8699a7d48a64eceea1f7a4262c5_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0d1a98bd35453d85403050bf2d5a60399048bef2d9a01b44438da3fc991cdddc_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:662efae63c52da171bef532813311884c14d24dfe561ed338298965d1b49e1ea_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:812e9962c2b538d56054b0373df679f02e92f47457049a5acda883d047816464_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:ab53d75e3c7adb9f71d5c3e69158bee347767f4935dcea57af1a55528c4b6e4f_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:11c561bf7aac3f3ac3adfbc437a3f56ef7fdf494f02c161bde982156b36d8b30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:16c8a2101e6d1cb0db4834d42fe8b9bfa24e70dd2c03691cd5e5e6d7c2d1de53_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:955b69b44e7678aa7cac4d88f3142a2e4c44fe586ecf521034ebae40539e8514_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:bf5514d940f858292f98853f4a939d8e89977f0bc72b5be34304bfb60b52ee50_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:030160d105ab2fd0f9815527f1b37055c4f734bee9f37f7ea923a506f8e39c30_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:783ba2b9c36eabf2d04c30be1fd025502dacfd9138e9650c1d91dc7670c50faf_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:90826bb4d26aa81609923bf06310f98ffcc01754bf21d6b78123b1e1dff39645_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:de7e7e42e24111905f25990ed89adfbaee8b4467b9889142dff6091f4719da44_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:5852
Vulnerability from csaf_redhat - Published: 2026-03-26 00:58 - Updated: 2026-07-01 00:17A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osbuild-composer is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5852",
"url": "https://access.redhat.com/errata/RHSA-2026:5852"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5852.json"
}
],
"title": "Red Hat Security Advisory: osbuild-composer security update",
"tracking": {
"current_release_date": "2026-07-01T00:17:04+00:00",
"generator": {
"date": "2026-07-01T00:17:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5852",
"initial_release_date": "2026-03-26T00:58:34+00:00",
"revision_history": [
{
"date": "2026-03-26T00:58:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-26T00:58:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:17:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-5.el10_0.src",
"product": {
"name": "osbuild-composer-0:134.1-5.el10_0.src",
"product_id": "osbuild-composer-0:134.1-5.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-5.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-5.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-5.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-5.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-5.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-5.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-5.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-5.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-5.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-5.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-5.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-5.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-5.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-5.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-5.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-5.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-core-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-5.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-5.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-5.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-5.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-5.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-5.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-5.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-5.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-5.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-5.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-5.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-5.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-5.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-5.el10_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src"
},
"product_reference": "osbuild-composer-0:134.1-5.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-core-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T00:58:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5852"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T00:58:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5852"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-5.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-5.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:5853
Vulnerability from csaf_redhat - Published: 2026-03-26 01:05 - Updated: 2026-07-01 00:17A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5853",
"url": "https://access.redhat.com/errata/RHSA-2026:5853"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5853.json"
}
],
"title": "Red Hat Security Advisory: osbuild-composer security update",
"tracking": {
"current_release_date": "2026-07-01T00:17:04+00:00",
"generator": {
"date": "2026-07-01T00:17:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5853",
"initial_release_date": "2026-03-26T01:05:19+00:00",
"revision_history": [
{
"date": "2026-03-26T01:05:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-26T01:05:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:17:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-6.el8_6.src",
"product": {
"name": "osbuild-composer-0:46.3-6.el8_6.src",
"product_id": "osbuild-composer-0:46.3-6.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-6.el8_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-6.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-6.el8_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-6.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-6.el8_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-6.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-6.el8_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-core-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-dnf-json@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@46.3-6.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"product_id": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@46.3-6.el8_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-core-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T01:05:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5853"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T01:05:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5853"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.AUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.AUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.E4S:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.aarch64",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.ppc64le",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.s390x",
"AppStream-8.6.0.Z.E4S:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.src",
"AppStream-8.6.0.Z.TUS:osbuild-composer-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-core-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-debugsource-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-dnf-json-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-tests-debuginfo-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-0:46.3-6.el8_6.x86_64",
"AppStream-8.6.0.Z.TUS:osbuild-composer-worker-debuginfo-0:46.3-6.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:5866
Vulnerability from csaf_redhat - Published: 2026-04-01 09:29 - Updated: 2026-07-01 06:09A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.17.52 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.17.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.17.52. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2026:5907\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n* golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5866",
"url": "https://access.redhat.com/errata/RHSA-2026:5866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5866.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update",
"tracking": {
"current_release_date": "2026-07-01T06:09:53+00:00",
"generator": {
"date": "2026-07-01T06:09:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5866",
"initial_release_date": "2026-04-01T09:29:07+00:00",
"revision_history": [
{
"date": "2026-04-01T09:29:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-01T09:29:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T06:09:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.17",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.17::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.17",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"product": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"product_id": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-8.rhaos4.17.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el8.src",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.src",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el8?arch=src\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el8?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el9.src",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.src",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el9?arch=src\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el9?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product_id": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-8.rhaos4.17.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-8.rhaos4.17.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-8.rhaos4.17.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el8?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el8?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el8?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el9?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el9?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el9?arch=x86_64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_id": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.16.1-5.rhaos4.17.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_id": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.16.1-5.rhaos4.17.el9?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product_id": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-8.rhaos4.17.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-8.rhaos4.17.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-8.rhaos4.17.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el8?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el8?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el8?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el9?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el9?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el9?arch=aarch64\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_id": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.16.1-5.rhaos4.17.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_id": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.16.1-5.rhaos4.17.el9?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product_id": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-8.rhaos4.17.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-8.rhaos4.17.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-8.rhaos4.17.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el8?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el8?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el8?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el9?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el9?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el9?arch=ppc64le\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_id": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.16.1-5.rhaos4.17.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_id": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.16.1-5.rhaos4.17.el9?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"product": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"product_id": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-8.rhaos4.17.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-8.rhaos4.17.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-8.rhaos4.17.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el8?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el8?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el8?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"product": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"product_id": "runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.2.9-4.rhaos4.17.el9?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"product": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"product_id": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-4.rhaos4.17.el9?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"product": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"product_id": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-4.rhaos4.17.el9?arch=s390x\u0026epoch=4"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"product": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_id": "skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.16.1-5.rhaos4.17.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"product": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_id": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.16.1-5.rhaos4.17.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"product": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_id": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.16.1-5.rhaos4.17.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_id": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.16.1-5.rhaos4.17.el9?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64"
},
"product_reference": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x"
},
"product_reference": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src"
},
"product_reference": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64"
},
"product_reference": "containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-4:1.2.9-4.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64"
},
"product_reference": "runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64"
},
"product_reference": "runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64"
},
"product_reference": "runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64"
},
"product_reference": "skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x"
},
"product_reference": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
},
"product_reference": "skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:29:07+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5866"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:29:07+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:29:07+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:containernetworking-plugins-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debuginfo-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:containernetworking-plugins-debugsource-1:1.4.0-8.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:runc-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debuginfo-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:runc-debugsource-4:1.2.9-4.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:skopeo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debuginfo-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-debugsource-2:1.16.1-5.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:skopeo-tests-2:1.16.1-5.rhaos4.17.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:5968
Vulnerability from csaf_redhat - Published: 2026-03-26 19:47 - Updated: 2026-07-01 00:13A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64 | — |
Workaround
|
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64 | — |
Workaround
|
A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64 | — |
Workaround
|
A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sort_by parameter of the /api/hosts/bootc_images API endpoint. This can lead to a Denial of Service (DoS) by triggering database errors, and potentially enable Boolean-based Blind SQL injection, which could allow an attacker to extract sensitive information from the database.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new release is now available for Red Hat Satellite 6.18 for RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* yggdrasil-worker-forwarder: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n* yggdrasil-worker-forwarder: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n* yggdrasil-worker-forwarder: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n* rubygem-rubyipmi: Remote Code Execution in rubyipmi via malicious BMC username (CVE-2026-0980)\n* rubygem-foreman_kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification (CVE-2026-1531)\n* foreman: Foreman: Remote Code Execution via command injection in WebSocket proxy (CVE-2026-1961)\n* rubygem-katello: Katello: Denial of Service and potential information disclosure via SQL injection (CVE-2026-4324)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5968",
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "SAT-41530",
"url": "https://issues.redhat.com/browse/SAT-41530"
},
{
"category": "external",
"summary": "SAT-42707",
"url": "https://issues.redhat.com/browse/SAT-42707"
},
{
"category": "external",
"summary": "SAT-42708",
"url": "https://issues.redhat.com/browse/SAT-42708"
},
{
"category": "external",
"summary": "SAT-42710",
"url": "https://issues.redhat.com/browse/SAT-42710"
},
{
"category": "external",
"summary": "SAT-42711",
"url": "https://issues.redhat.com/browse/SAT-42711"
},
{
"category": "external",
"summary": "SAT-42712",
"url": "https://issues.redhat.com/browse/SAT-42712"
},
{
"category": "external",
"summary": "SAT-42713",
"url": "https://issues.redhat.com/browse/SAT-42713"
},
{
"category": "external",
"summary": "SAT-42714",
"url": "https://issues.redhat.com/browse/SAT-42714"
},
{
"category": "external",
"summary": "SAT-42715",
"url": "https://issues.redhat.com/browse/SAT-42715"
},
{
"category": "external",
"summary": "SAT-42716",
"url": "https://issues.redhat.com/browse/SAT-42716"
},
{
"category": "external",
"summary": "SAT-42717",
"url": "https://issues.redhat.com/browse/SAT-42717"
},
{
"category": "external",
"summary": "SAT-42718",
"url": "https://issues.redhat.com/browse/SAT-42718"
},
{
"category": "external",
"summary": "SAT-43310",
"url": "https://issues.redhat.com/browse/SAT-43310"
},
{
"category": "external",
"summary": "SAT-43742",
"url": "https://issues.redhat.com/browse/SAT-43742"
},
{
"category": "external",
"summary": "SAT-43743",
"url": "https://issues.redhat.com/browse/SAT-43743"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5968.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.18.4 Async Update",
"tracking": {
"current_release_date": "2026-07-01T00:13:41+00:00",
"generator": {
"date": "2026-07-01T00:13:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:5968",
"initial_release_date": "2026-03-26T19:47:53+00:00",
"revision_history": [
{
"date": "2026-03-26T19:47:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-26T19:47:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:13:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.18::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.16.0.12-1.el9sat.src",
"product": {
"name": "foreman-0:3.16.0.12-1.el9sat.src",
"product_id": "foreman-0:3.16.0.12-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.16.0.12-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.16.0.6-1.el9sat.src",
"product": {
"name": "foreman-installer-1:3.16.0.6-1.el9sat.src",
"product_id": "foreman-installer-1:3.16.0.6-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.16.0.6-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.12-django-0:4.2.29-1.el9pc.src",
"product": {
"name": "python3.12-django-0:4.2.29-1.el9pc.src",
"product_id": "python3.12-django-0:4.2.29-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-django@4.2.29-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"product": {
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"product_id": "python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulp-container@2.24.5-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"product": {
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"product_id": "python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulpcore@3.73.26-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"product": {
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"product_id": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulp-rpm@3.29.9-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"product": {
"name": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"product_id": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_kubevirt@0.4.3-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.18.0.9-1.el9sat.src",
"product": {
"name": "rubygem-katello-0:4.18.0.9-1.el9sat.src",
"product_id": "rubygem-katello-0:4.18.0.9-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.18.0.9-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"product": {
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"product_id": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rubyipmi@0.13.0-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.18.4-2.el9sat.src",
"product": {
"name": "satellite-0:6.18.4-2.el9sat.src",
"product_id": "satellite-0:6.18.4-2.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.18.4-2.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-4.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"product": {
"name": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"product_id": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@12.2.17-1.el9sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-service-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-service-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"product": {
"name": "foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"product_id": "foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.16.0.12-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"product": {
"name": "foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"product_id": "foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.16.0.6-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"product_id": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.16.0.6-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.12-django-0:4.2.29-1.el9pc.noarch",
"product": {
"name": "python3.12-django-0:4.2.29-1.el9pc.noarch",
"product_id": "python3.12-django-0:4.2.29-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-django@4.2.29-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"product": {
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"product_id": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulp-container@2.24.5-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"product": {
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"product_id": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulpcore@3.73.26-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"product": {
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"product_id": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.12-pulp-rpm@3.29.9-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"product_id": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_kubevirt@0.4.3-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"product": {
"name": "rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"product_id": "rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.18.0.9-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"product": {
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"product_id": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rubyipmi@0.13.0-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.18.4-2.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.18.4-2.el9sat.noarch",
"product_id": "satellite-cli-0:6.18.4-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.18.4-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.18.4-2.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.18.4-2.el9sat.noarch",
"product_id": "satellite-capsule-0:6.18.4-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.18.4-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.18.4-2.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.18.4-2.el9sat.noarch",
"product_id": "satellite-common-0:6.18.4-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.18.4-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"product": {
"name": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"product_id": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-obsolete-packages@6.18.4-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.18.4-2.el9sat.noarch",
"product": {
"name": "satellite-0:6.18.4-2.el9sat.noarch",
"product_id": "satellite-0:6.18.4-2.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.18.4-2.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"product_id": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@12.2.17-1.el9sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-4.el9sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.12-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src"
},
"product_reference": "foreman-0:3.16.0.12-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.6-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.6-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.16.0.6-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.29-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch"
},
"product_reference": "python3.12-django-0:4.2.29-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.29-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src"
},
"product_reference": "python3.12-django-0:4.2.29-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch"
},
"product_reference": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src"
},
"product_reference": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch"
},
"product_reference": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src"
},
"product_reference": "python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch"
},
"product_reference": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src"
},
"product_reference": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.4-2.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src"
},
"product_reference": "satellite-0:6.18.4-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.12-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src"
},
"product_reference": "foreman-0:3.16.0.12-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.4-2.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src"
},
"product_reference": "satellite-0:6.18.4-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.16.0.12-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src"
},
"product_reference": "foreman-0:3.16.0.12-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.6-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch"
},
"product_reference": "foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.16.0.6-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src"
},
"product_reference": "foreman-installer-1:3.16.0.6-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.16.0.12-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.29-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch"
},
"product_reference": "python3.12-django-0:4.2.29-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-django-0:4.2.29-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src"
},
"product_reference": "python3.12-django-0:4.2.29-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-container-0:2.24.5-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src"
},
"product_reference": "python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch"
},
"product_reference": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src"
},
"product_reference": "python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch"
},
"product_reference": "python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.12-pulpcore-0:3.73.26-1.el9pc.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src"
},
"product_reference": "python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src"
},
"product_reference": "rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src"
},
"product_reference": "rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.18.0.9-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch"
},
"product_reference": "rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.18.0.9-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src"
},
"product_reference": "rubygem-katello-0:4.18.0.9-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch"
},
"product_reference": "rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src"
},
"product_reference": "rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.18.4-2.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src"
},
"product_reference": "satellite-0:6.18.4-2.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64 as a component of Red Hat Satellite 6.18 for RHEL 9",
"product_id": "9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64",
"relates_to_product_reference": "9Base-satellite-6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-0980",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-01-15T08:50:01.841000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429874"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubyipmi: Red Hat Satellite: Remote Code Execution in rubyipmi via malicious BMC username",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat Satellite because it requires the BMC component to be enabled and configured to use `ipmitool` as the IPMI implementation. An authenticated attacker with host creation or update permissions can exploit this by crafting a malicious BMC username. Exploitation is limited to environments meeting these specific configuration and permission requirements.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0980"
},
{
"category": "external",
"summary": "RHBZ#2429874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429874"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0980"
}
],
"release_date": "2020-01-15T08:08:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubyipmi: Red Hat Satellite: Remote Code Execution in rubyipmi via malicious BMC username"
},
{
"acknowledgments": [
{
"names": [
"Evgeni Golov"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-1531",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-01-28T12:50:13.269000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT flaw in foreman_kubevirt where the default configuration for connecting to OpenShift disables SSL verification if a CA certificate is not explicitly provided. This insecure default allows a remote attacker to perform a Man-in-the-Middle attack by intercepting network traffic between Satellite and OpenShift, potentially leading to information disclosure or alteration.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1531"
},
{
"category": "external",
"summary": "RHBZ#2433786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1531",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1531"
}
],
"release_date": "2026-01-28T12:34:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that a Certificate Authority (CA) certificate is explicitly configured when setting up the connection to OpenShift in foreman_kubevirt. This will enable SSL verification and prevent Man-in-the-Middle attacks. Refer to the foreman_kubevirt documentation for specific instructions on configuring CA certificates. A restart or service reload may be required for the changes to take effect.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification"
},
{
"acknowledgments": [
{
"names": [
"Houssam Sahli"
]
}
],
"cve": "CVE-2026-1961",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-02-05T10:40:57.141000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437036"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman\u0027s WebSocket proxy implementation. This vulnerability arises from the system\u0027s use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "forman: Foreman: Remote Code Execution via command injection in WebSocket proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated as Important. Command injection vulnerability in Foreman\u0027s WebSocket proxy. Exploitation occurs when an administrator configures a malicious compute resource server and subsequently accesses its VM console functionality. Successful exploitation can lead to remote code execution on the Foreman server, potentially compromising sensitive credentials and the entire managed infrastructure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1961"
},
{
"category": "external",
"summary": "RHBZ#2437036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1961"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1961",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1961"
}
],
"release_date": "2026-03-26T12:30:45.446000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "forman: Foreman: Remote Code Execution via command injection in WebSocket proxy"
},
{
"cve": "CVE-2026-4324",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-03-17T12:28:40.127000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448349"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sort_by parameter of the /api/hosts/bootc_images API endpoint. This can lead to a Denial of Service (DoS) by triggering database errors, and potentially enable Boolean-based Blind SQL injection, which could allow an attacker to extract sensitive information from the database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-katello: Katello: Denial of Service and potential information disclosure via SQL injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in the Katello plugin for Red Hat Satellite allows an attacker to inject arbitrary SQL commands into the `/api/hosts/bootc_images` API endpoint. By manipulating the `sort_by` parameter, an attacker could trigger database errors, cause a Denial of Service, or potentially perform Boolean-based Blind SQL injection. This affects Red Hat Satellite installations utilizing the Katello plugin.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4324"
},
{
"category": "external",
"summary": "RHBZ#2448349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4324",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4324"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4324",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4324"
}
],
"release_date": "2026-03-17T13:18:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-26T19:47:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-satellite-6.18-capsule:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18-capsule:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18-capsule:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18-capsule:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-capsule:satellite-capsule-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-capsule:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18-utils:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18-utils:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18-utils:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18-utils:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-0:3.16.0.12-1.el9sat.src",
"9Base-satellite-6.18:foreman-cli-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-debug-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-dynflow-sidekiq-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-ec2-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-installer-1:3.16.0.6-1.el9sat.src",
"9Base-satellite-6.18:foreman-installer-katello-1:3.16.0.6-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-journald-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-libvirt-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-openstack-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-pcp-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-postgresql-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-redis-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-service-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-telemetry-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:foreman-vmware-0:3.16.0.12-1.el9sat.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-django-0:4.2.29-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-container-0:2.24.5-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulp-rpm-0:3.29.9-1.el9pc.src",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.noarch",
"9Base-satellite-6.18:python3.12-pulpcore-0:3.73.26-1.el9pc.src",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_kubevirt-0:0.4.3-1.el9sat.src",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-foreman_rh_cloud-0:12.2.17-1.el9sat.src",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-katello-0:4.18.0.9-1.el9sat.src",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.noarch",
"9Base-satellite-6.18:rubygem-rubyipmi-0:0.13.0-1.el9sat.src",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-0:6.18.4-2.el9sat.src",
"9Base-satellite-6.18:satellite-cli-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-common-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:satellite-obsolete-packages-0:6.18.4-2.el9sat.noarch",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.src",
"9Base-satellite-6.18:yggdrasil-worker-forwarder-0:0.0.3-4.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-katello: Katello: Denial of Service and potential information disclosure via SQL injection"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.