CVE-2026-32281 (GCVE-0-2026-32281)
Vulnerability from cvelistv5 – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:19
CWE-407 - Inefficient Algorithmic Complexity
| Vendor | Product | Version |
|---|---|---|
| Go standard library | crypto/x509 | Affected: 0 , < 1.25.9 (semver); Affected: 1.26.0-0 , < 1.26.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T17:52:37.734298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T18:19:44.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "policiesValid"
},
{
"name": "Certificate.Verify"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.2",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek - https://ciolek.dev"
}
],
"descriptions": [
{
"lang": "en",
"value": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-407: Inefficient Algorithmic Complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T01:06:58.354Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/758061"
},
{
"url": "https://go.dev/issue/78281"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"title": "Inefficient policy validation in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-32281",
"datePublished": "2026-04-08T01:06:58.354Z",
"dateReserved": "2026-03-11T16:38:46.556Z",
"dateUpdated": "2026-04-13T18:19:44.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-32281",
"date": "2026-06-30",
"epss": "0.00349",
"percentile": "0.26767"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32281\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-04-08T02:16:03.350\",\"lastModified\":\"2026-06-17T10:35:28.980\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"crypto/x509\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"crypto/x509\",\"programRoutines\":[{\"name\":\"policiesValid\"},{\"name\":\"Certificate.Verify\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.9\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.2\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userIntera
ction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-13T17:52:37.734298Z\",\"id\":\"CVE-2026-32281\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.9\",\"matchCriteriaId\":\"C6C9C072-9817-402D-877F-F83584B07017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.2\",\"matchCriteriaId\":\"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/758061\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78281\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4946\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32281\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:52:37.734298Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T17:52:33.394Z\"}}], \"cna\": {\"title\": \"Inefficient policy validation in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Jakub Ciolek - https://ciolek.dev\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.2\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"policiesValid\"}, {\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/758061\"}, {\"url\": \"https://go.dev/issue/78281\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4946\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain 
contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-407: Inefficient Algorithmic Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-04-08T01:06:58.354Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32281\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T18:19:44.779Z\", \"dateReserved\": \"2026-03-11T16:38:46.556Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-04-08T01:06:58.354Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:26571
Vulnerability from csaf_redhat - Published: 2026-06-17 13:17 - Updated: 2026-07-01 00:14
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le | — |
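A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation. The CVE-2026-32281 record above describes what appears to be the same policy-mapping issue and adds that it only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool or in the system certificate pool.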
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le | — |
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le | — |
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64 | — | ||
| Unresolved product id: OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated OpenShift Compliance Operator image that fixes various bugs and adds new\nenhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "The OpenShift Compliance Operator v1.9.1 is now available.\nSee the documentation for bug fix information:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26571",
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33810",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26571.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-01T00:14:45+00:00",
"generator": {
"date": "2026-07-01T00:14:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26571",
"initial_release_date": "2026-06-17T13:17:24+00:00",
"revision_history": [
{
"date": "2026-06-17T13:17:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T13:17:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:14:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Compliance Operator 1",
"product": {
"name": "OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_compliance_operator:1::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Compliance Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-operator-bundle@sha256%3Add5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be?arch=amd64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-operator-bundle\u0026tag=1781605005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850?arch=amd64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-content-rhel8\u0026tag=1781599527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ab4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8?arch=amd64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8\u0026tag=1781205733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3Ad2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71?arch=amd64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-openscap-rhel8\u0026tag=1781600013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3Ae049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095?arch=amd64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-rhel8-operator\u0026tag=1781599863"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848?arch=arm64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-content-rhel8\u0026tag=1781599527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Acfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada?arch=arm64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8\u0026tag=1781205733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9?arch=arm64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-openscap-rhel8\u0026tag=1781600013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47?arch=arm64\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-rhel8-operator\u0026tag=1781599863"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-content-rhel8\u0026tag=1781599527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3A754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8\u0026tag=1781205733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3Acc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-openscap-rhel8\u0026tag=1781600013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3Aff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-rhel8-operator\u0026tag=1781599863"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Ae111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3?arch=s390x\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-content-rhel8\u0026tag=1781599527"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3A372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded?arch=s390x\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8\u0026tag=1781205733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3Afc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a?arch=s390x\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-openscap-rhel8\u0026tag=1781600013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef?arch=s390x\u0026repository_url=registry.redhat.io/compliance/openshift-compliance-rhel8-operator\u0026tag=1781599863"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64 as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le as a component of OpenShift Compliance Operator 1",
"product_id": "OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le",
"relates_to_product_reference": "OpenShift Compliance Operator 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"known_not_affected": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:17:24+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which would require that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"known_not_affected": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:17:24+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability.",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"known_not_affected": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:17:24+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"known_not_affected": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:17:24+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"known_not_affected": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:17:24+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:2a0f0b93de03891816258421c4ed80e784edf101b504afec5f40f7de3f30f24c_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:55b062c25c2ac2db43aaba84d6f2385241d866aec42385271b1bda26f019d848_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:637b85ceff1e49c9c09bdbe8728afe90090b48948ad4c828d573d2b1375e7850_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:e111b20260696447ae76f0c3d7bdbade3310b4819e8354ae48583f3ca91861e3_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:372578fd564128ed32a88e09594ba16a7ec3c061a8157c88abae757418ccaded_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:754211edf86bc9ddbf20deba2f2eb518f86747678843f0fc928ee675fcf720a4_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b4712b2728c2807401a6f25a3e6b0e4aa5611e5d97b06979c65ea0fb722c57a8_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:cfb65df163b8c3870132a4a5568f982f1af966d0820e18e99adbfc4fa3ca6ada_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:138d6ba8e1b5a3745294e6eb46d23614bba97ab118a4c3689283afc314e7abb9_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:cc59d7a70c3fa544287c547c1e682bab494c38d6b7970740ab80f0aee4aa73aa_ppc64le",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:d2c692acac9c5c940b44cf0e101ed008ca87e54785983e3d926dbff197d55f71_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:fc9341140942df8b2a3b4c4e6aad53e39359b7ea9323ab306fcf791b5713639a_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:dd5ac6b523658a5d8a07c39e20b6538686d8680d16aec8ffb0c0568a586d34be_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:4b1711f8797d6fa769988788e57be4949e14a4c8ef2b0f771fb1bd9692e16bef_s390x",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:7b2ee5ad206e3927ebf154a90c07b9504b4bc9277555927319d8c802962fca47_arm64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:e049f9e0b136ff6a0fd940b74acfab5aa0b0b09981b64202e1bbcfe980da7095_amd64",
"OpenShift Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:ff3fe41e6e368a377103afdb386ecb86107d2091439309927b4f5c19af793a88_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
}
]
}
RHSA-2026:26585
Vulnerability from csaf_redhat - Published: 2026-06-17 13:40 - Updated: 2026-07-01 00:10
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs, effectively treating garbage before an IP-literal as ignorable. The function should have rejected such input as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
Workaround
|
A certificate validation flaw has been discovered in the golang crypto/x509 package. When a certificate chain being verified includes a certificate with multiple email address constraints that share a common local part but have different domain parts, these constraints are not applied properly: only the last constraint is considered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before it acts on it (a time-of-check to time-of-use race), the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass the directory restriction that `Root` is meant to enforce and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
Workaround
|
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) name constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from that of the constraint. This oversight could allow an attacker to bypass the excluded-name check during certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue affects only the validation of certificate chains that are otherwise trusted.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.0.15",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Logging 6.0.15 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26585",
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33810",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26585.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.15",
"tracking": {
"current_release_date": "2026-07-01T00:10:47+00:00",
"generator": {
"date": "2026-07-01T00:10:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26585",
"initial_release_date": "2026-06-17T13:40:23+00:00",
"revision_history": [
{
"date": "2026-06-17T13:40:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T13:40:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:10:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Logging Subsystem for Red Hat OpenShift 6.0",
"product": {
"name": "Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.0::el9"
}
}
}
],
"category": "product_family",
"name": "Logging Subsystem for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1781192926"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256%3A6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=1781196145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1781192891"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3Ad35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1781192874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1781193075"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1781192924"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256%3A36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=1781196156"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1781192909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Abbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1781192910"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1781193225"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1781192926"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1781192891"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1781192874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1781193075"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Af635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1781192924"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1781192909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Af0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1781192910"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1781193225"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1781192926"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Aa13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1781192891"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1781192874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1781193075"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1781192924"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Aee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1781192909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ace9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1781192910"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Ae80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1781193225"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Ab166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1781192926"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Ad591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1781192891"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1781192874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1781193075"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1781192924"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Aae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1781192909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Af75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1781192910"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1781193225"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.0",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which would require that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link after `Root.Chmod` has checked the target but before it acts on it, the `chmod` operation is performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the permissions required to create a symbolic link. The attacker must also replace the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before it acts. Because of these conditions, this flaw has been rated as Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available, or the currently available options do not meet the Red Hat Product Security criteria, which comprise ease of use and deployment, applicability to a widespread installation base, and stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue only affects the validation of certificate chains that are otherwise trusted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T13:40:23+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:6f4dbc7f3632ae47eb17aa2ce9e336e6e7710ac1fbfcb4c894012a98819b78ca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56fa9c22636ebd58eb0fdfcb85895913b9d06c5c0497603a3beff5e5bebf9eb9_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:7d3c7fea6ca43095f8b4bd8cd6e7e5aea6aa2d910a0a65f4491bfb3aac0256da_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:82a08bc9410eaa8f27ab05aff287763e2e70611fb8cac4aedb2c864cb1ee44cb_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:b166bced3166496816f40414c18d281e5628b17d151b588ec922e92c9e63f3c7_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8395c91f0f78efd970aa266afbfd507a2f811fa77b0f110e417371f217f485b0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:9049f1ba021aa03467478e05352c39ed1aa1289e88617d2ba7e6a9c1baa05b30_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:a13d9dd8d1bb24802e3c126e3d2f9f2f2f198d663c0946d53da3e7cf6e5e6594_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d591290a85cc270295de4ebcedf7b0f4c5007f51a22d2a6367e69add9c7249d6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:12eb0a87d3da10cf10cd734d031000b5aba503d243ba8bcdfe12a7e6d775c350_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:3a280f9e6d1b301e829de78b22b5a9ac93f02818327d873f300da055628c966c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:9c5897a18b1a166ae26c17db401bc958cdc7a4a69adc4a0ff814b372ad2a3f93_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:d35ece1b60c6649b54534c9b11fea3b53f3a4e742a2ade0a07e6a28307414ed8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:350f5c0350d2e3735209797b55586300278474b085fd8de797603851d74252fa_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:66c870df2255862b975babe3fca6dee83b948db90b0f739ed3ee002b7fcfb90b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:8f3b6f87de69f0cbf60fcf7b07a115c925284c2ed95e438694e6d5282e518be2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9f95efc1f2d811a2ce855ee1387977f50548472f3bc08b46d814b65ba398ccaf_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:36742ce39ffd92b07cf02a7f51ade042862320d4b0beee09f6f0a71a23d1e724_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0813ad39035209eac48727d10da0770d5d0e0fe94f84ed8ed0a7cb946fd5085a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:69a9234a530751f1e7e34bfb21a8a79b7e3db6a7902722486f72b85bfc7b8cc3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7c561f6ea0662b5a7bde51ff65019c128b65bfefe3f1388e23669a6ffd130c9f_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f635ba63420aca986bd1f6a057b778c49957f26342df18849ff4b99fd318ac9f_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:1af5b63614997f6be796b2774d2031ebc3404d68440460f0edd9ecb7024e5a8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:54790ceaf3aa3bf15641c4ce1a0b8a5c0bea597e15e240cdf1c2d3715cd819e8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ae2bb75f3c8e3c42cb22622114c63a67fc98a844bf10b313afed13afa7b3297d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ee7c050cbd350c8ed01594fd3c7662c361b16a23ad6ef54ad1aefae7788729a8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:bbe422b9d9e942072164a42c4ab57053867bc62cba0ddf53f7e7eac56ef53cd7_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:ce9658374396ecd1c9921e4ec4bd33eede25bb83568e0b401b6f9d1a053f58e4_s390x",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f0a4742ef2ba98180910b76006c356e77325d8f12741459db4f065835aad2d2a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:f75b0b4ee4721d4424ece1becab440719c30f9385d3abd67cc2c75e7b56f0c7f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:0e33e09065da575886194b76f1bd46cf1a435e036db6fc9511e8ff2ee27b8bc6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:732875c0ed445bb2708e870d3f561d6dc5a36c80cc42ebf63f4c30ae7674396d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:80bf91b17c814c4bc5b8ddcb0aaeb252089067e7d0590d00afbaa175f5500e34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.0:registry.redhat.io/openshift-logging/vector-rhel9@sha256:e80901561adb7ba09db77b3cc8aa7a754ce078370ef0507064fee60ff448d3d2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:26636
Vulnerability from csaf_redhat - Published: 2026-06-17 15:22 - Updated: 2026-07-01 00:26
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate, which is then processed when the `HostnameError.Error()` function constructs its error string. Because that string is built by unbounded string concatenation, constructing it leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
A flaw was found in the `crypto/tls` component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass, but only where the CA settings actually change between the initial handshake and the resumed one.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
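The Go standard library function `net/url.Parse` insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected such URLs as invalid. This may matter most where the parsed host feeds a security decision, such as an allow-list check, because another URL parser may read the same string differently.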
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. An attacker can provide a large number of intermediate certificates, and the work done on them while building a certificate chain is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
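A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. Validating such a chain is unexpectedly inefficient and consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation. The upstream CVE description limits the exposure to chains that are otherwise trusted, that is, issued by a root CA in the `VerifyOptions.Roots` CertPool or in the system certificate pool.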
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Workaround
|
A flaw was found in the `internal/syscall/unix` package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before it acts on it (a time-of-check to time-of-use race), the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Custom Metrics Autoscaler Operator for Red Hat OpenShift updates.\n\nThe following updates for the Custom Metric Autoscaler operator for Red Hat\nOpenShift are now available:\n\n* custom-metrics-autoscaler-adapter-container\n* custom-metrics-autoscaler-admission-webhooks-container\n* custom-metrics-autoscaler-container\n* custom-metrics-autoscaler-operator-bundle-container\n* custom-metrics-autoscaler-operator-container\n* custom-metrics-autoscaler-http-add-on-interceptor-container\n* custom-metrics-autoscaler-http-add-on-operator-container\n* custom-metrics-autoscaler-http-add-on-scaler-container",
"title": "Topic"
},
{
"category": "general",
"text": "The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional operator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows workloads to be scaled using additional metrics sources other than pod metrics.\nThis release is based upon KEDA 2.19.0",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26636",
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26636.json"
}
],
"title": "Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.19.0-1 Update",
"tracking": {
"current_release_date": "2026-07-01T00:26:12+00:00",
"generator": {
"date": "2026-07-01T00:26:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26636",
"initial_release_date": "2026-06-17T15:22:46+00:00",
"revision_history": [
{
"date": "2026-06-17T15:22:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T15:22:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:26:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Custom Metric Autoscaler 2.19",
"product": {
"name": "Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
}
}
}
],
"category": "product_family",
"name": "Custom Metric Autoscaler"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-operator-bundle@sha256%3A6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle\u0026tag=1780104005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3A46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3A8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3A203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3Acfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3A2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3A76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3Ab8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3A5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3A54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3A0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3A1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3A9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3Aafea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3A0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3Afef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3Aa52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3A1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3Afa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3Ab875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3Acff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact on confidentiality or integrity. For this reason, this vulnerability has been rated Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue and has not been able to identify a practical one. Please update the affected package as soon as possible.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to get a malicious zip archive processed by an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. For these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate, which is then handled during error string construction within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected such URLs as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before it acts on it, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before it acts on that target. Due to these conditions, this flaw has been rated as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available, or the currently available options do not meet the Red Hat Product Security criteria, which comprise ease of use and deployment, applicability to a widespread installation base, or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available, or the currently available options do not meet the Red Hat Product Security criteria, which comprise ease of use and deployment, applicability to a widespread installation base, or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:27076
Vulnerability from csaf_redhat - Published: 2026-06-18 17:24 - Updated: 2026-07-01 01:13
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate, which triggers unbounded string concatenation while the error string is constructed in the `HostnameError.Error()` function. This leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
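A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. Validating such a chain is unexpectedly inefficient and consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation. The upstream description of CVE-2026-32281 notes that only otherwise trusted chains are affected, that is, chains issued by a root CA in the `VerifyOptions.Roots` CertPool or in the system certificate pool.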
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
Workaround
|
A flaw was found in the `internal/syscall/unix` package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before it acts on it, the `chmod` operation will be performed on the file the symbolic link points to. This time-of-check to time-of-use (TOCTOU) race can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — | ||
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
Workaround
|
A flaw was found in Pillow, a Python imaging library. A remote attacker can trigger a denial of service (DoS) by providing a specially crafted FITS image file. Pillow does not limit how much GZIP-compressed data it expands while decoding the image (a decompression bomb), so memory consumption is unbounded and the system can crash or suffer severe performance degradation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* python-pillow: Pillow: Denial of Service via decompression bomb in FITS image processing (CVE-2026-40192)\n\n* yggdrasil-worker-forwarder: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* dynflow-utils: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* satellite:el8/yggdrasil-worker-forwarder: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n\n* yggdrasil-worker-forwarder: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n\n* yggdrasil-worker-forwarder: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* satellite:el8/yggdrasil-worker-forwarder: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* satellite:el8/yggdrasil-worker-forwarder: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* satellite:el8/yggdrasil-worker-forwarder: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* yggdrasil-worker-forwarder: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* yggdrasil-worker-forwarder: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* satellite:el8/yggdrasil-worker-forwarder: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* satellite:el8/yggdrasil-worker-forwarder: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* yggdrasil-worker-forwarder: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\nBug Fix(es):\n\n* orphan cleanup triggers CapsuleContent::UpdateContentCounts regardless of automatic_content_count_updates setting (SAT-45906)\n\n* The custom repository fails to sync with the Capsule server, resulting in an error (SAT-44720)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:27076",
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "2458856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
},
{
"category": "external",
"summary": "SAT-44720",
"url": "https://issues.redhat.com/browse/SAT-44720"
},
{
"category": "external",
"summary": "SAT-45906",
"url": "https://issues.redhat.com/browse/SAT-45906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27076.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.16.9 Async Update",
"tracking": {
"current_release_date": "2026-07-01T01:13:50+00:00",
"generator": {
"date": "2026-07-01T01:13:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:27076",
"initial_release_date": "2026-06-18T17:24:02+00:00",
"revision_history": [
{
"date": "2026-06-18T17:24:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-18T17:24:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T01:13:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.src",
"product": {
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.src",
"product_id": "dynflow-utils-0:1.6.3-1.1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dynflow-utils@1.6.3-1.1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pillow-0:12.2.0-1.el8pc.src",
"product": {
"name": "python-pillow-0:12.2.0-1.el8pc.src",
"product_id": "python-pillow-0:12.2.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@12.2.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.21.10-4.el8pc.src",
"product": {
"name": "python-pulp-ansible-1:0.21.10-4.el8pc.src",
"product_id": "python-pulp-ansible-1:0.21.10-4.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.21.10-4.el8pc?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.26.8-1.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.26.8-1.el8pc.src",
"product_id": "python-pulp-rpm-0:3.26.8-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.26.8-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"product": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"product_id": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.7.14-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.20-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.14.0.20-1.el8sat.src",
"product_id": "rubygem-katello-0:4.14.0.20-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.20-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.9-1.el8sat.src",
"product": {
"name": "satellite-0:6.16.9-1.el8sat.src",
"product_id": "satellite-0:6.16.9-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.9-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-lifecycle-0:6.16.0-3.el8sat.src",
"product": {
"name": "satellite-lifecycle-0:6.16.0-3.el8sat.src",
"product_id": "satellite-lifecycle-0:6.16.0-3.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-lifecycle@6.16.0-3.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-5.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.src",
"product": {
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.src",
"product_id": "dynflow-utils-0:1.6.3-1.1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dynflow-utils@1.6.3-1.1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pillow-0:12.2.0-1.el9pc.src",
"product": {
"name": "python-pillow-0:12.2.0-1.el9pc.src",
"product_id": "python-pillow-0:12.2.0-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@12.2.0-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.21.10-4.el9pc.src",
"product": {
"name": "python-pulp-ansible-1:0.21.10-4.el9pc.src",
"product_id": "python-pulp-ansible-1:0.21.10-4.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.21.10-4.el9pc?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.26.8-1.el9pc.src",
"product": {
"name": "python-pulp-rpm-0:3.26.8-1.el9pc.src",
"product_id": "python-pulp-rpm-0:3.26.8-1.el9pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.26.8-1.el9pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"product": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"product_id": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.7.14-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.20-1.el9sat.src",
"product": {
"name": "rubygem-katello-0:4.14.0.20-1.el9sat.src",
"product_id": "rubygem-katello-0:4.14.0.20-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.20-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.9-1.el9sat.src",
"product": {
"name": "satellite-0:6.16.9-1.el9sat.src",
"product_id": "satellite-0:6.16.9-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.9-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-lifecycle-0:6.16.0-3.el9sat.src",
"product": {
"name": "satellite-lifecycle-0:6.16.0-3.el9sat.src",
"product_id": "satellite-lifecycle-0:6.16.0-3.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-lifecycle@6.16.0-3.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-5.el9sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"product": {
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"product_id": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dynflow-utils@1.6.3-1.1.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"product": {
"name": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"product_id": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow@12.2.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"product": {
"name": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"product_id": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@12.2.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"product": {
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"product_id": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo@12.2.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-5.el8sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"product": {
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"product_id": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/dynflow-utils@1.6.3-1.1.el9sat?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"product": {
"name": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"product_id": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow@12.2.0-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"product": {
"name": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"product_id": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@12.2.0-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"product": {
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"product_id": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo@12.2.0-1.el9pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-5.el9sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"product": {
"name": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"product_id": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-ansible@0.21.10-4.el8pc?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"product": {
"name": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"product_id": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-rpm@3.26.8-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"product_id": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.7.14-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.20-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.16.9-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.16.9-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.16.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.16.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.16.9-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.16.9-1.el8sat.noarch",
"product_id": "satellite-common-0:6.16.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.16.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.9-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.16.9-1.el8sat.noarch",
"product_id": "satellite-0:6.16.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.16.9-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.16.9-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.16.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.16.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"product": {
"name": "satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"product_id": "satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-lifecycle@6.16.0-3.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"product": {
"name": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"product_id": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-ansible@0.21.10-4.el9pc?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"product": {
"name": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"product_id": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-rpm@3.26.8-1.el9pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"product_id": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.7.14-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"product": {
"name": "rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"product_id": "rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.14.0.20-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.16.9-1.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.16.9-1.el9sat.noarch",
"product_id": "satellite-capsule-0:6.16.9-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.16.9-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.16.9-1.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.16.9-1.el9sat.noarch",
"product_id": "satellite-common-0:6.16.9-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.16.9-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.9-1.el9sat.noarch",
"product": {
"name": "satellite-0:6.16.9-1.el9sat.noarch",
"product_id": "satellite-0:6.16.9-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.9-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.16.9-1.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.16.9-1.el9sat.noarch",
"product_id": "satellite-cli-0:6.16.9-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.16.9-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"product": {
"name": "satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"product_id": "satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-lifecycle@6.16.0-3.el9sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.2.0-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src"
},
"product_reference": "python-pillow-0:12.2.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-4.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-4.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.26.8-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.26.8-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.9-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.9-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.9-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.9-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.9-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.2.0-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src"
},
"product_reference": "python-pillow-0:12.2.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-4.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-4.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.26.8-1.el8pc.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.26.8-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.20-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.20-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.14.0.20-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.9-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.9-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.9-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-lifecycle-0:6.16.0-3.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch"
},
"product_reference": "satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-lifecycle-0:6.16.0-3.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src"
},
"product_reference": "satellite-lifecycle-0:6.16.0-3.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.2.0-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src"
},
"product_reference": "python-pillow-0:12.2.0-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-4.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-4.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.26.8-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src"
},
"product_reference": "python-pulp-rpm-0:3.26.8-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch"
},
"product_reference": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.9-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.9-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.9-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.9-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.9-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64"
},
"product_reference": "dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:12.2.0-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src"
},
"product_reference": "python-pillow-0:12.2.0-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.21.10-4.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src"
},
"product_reference": "python-pulp-ansible-1:0.21.10-4.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.26.8-1.el9pc.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src"
},
"product_reference": "python-pulp-rpm-0:3.26.8-1.el9pc.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch"
},
"product_reference": "python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.20-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch"
},
"product_reference": "rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.14.0.20-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src"
},
"product_reference": "rubygem-katello-0:4.14.0.20-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.9-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.9-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.9-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.9-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.9-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-lifecycle-0:6.16.0-3.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch"
},
"product_reference": "satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-lifecycle-0:6.16.0-3.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
},
"product_reference": "satellite-lifecycle-0:6.16.0-3.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64 as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64",
"relates_to_product_reference": "9Base-satellite-6.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate, which is then processed during error string construction within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. Validation of such a chain is inefficient and consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which in turn requires that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-40192",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-04-16T00:00:49.590876+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458856"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library\u0027s failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40192"
},
{
"category": "external",
"summary": "RHBZ#2458856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40192",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628",
"url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9521",
"url": "https://github.com/python-pillow/Pillow/pull/9521"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
},
{
"category": "external",
"summary": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb",
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
}
],
"release_date": "2026-04-15T22:53:56.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T17:24:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.16/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.src",
"8Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el8sat.x86_64",
"8Base-satellite-6.16:python-pillow-0:12.2.0-1.el8pc.src",
"8Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el8pc.src",
"8Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el8pc.src",
"8Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el8pc.x86_64",
"8Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el8pc.noarch",
"8Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el8pc.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el8sat.src",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.9-1.el8sat.src",
"8Base-satellite-6.16:satellite-cli-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.9-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.noarch",
"8Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.src",
"8Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el8sat.x86_64",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16-capsule:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16-capsule:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16-capsule:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16-capsule:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16-capsule:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16-capsule:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16-capsule:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16-maintenance:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.src",
"9Base-satellite-6.16:dynflow-utils-0:1.6.3-1.1.el9sat.x86_64",
"9Base-satellite-6.16:python-pillow-0:12.2.0-1.el9pc.src",
"9Base-satellite-6.16:python-pillow-debugsource-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python-pulp-ansible-1:0.21.10-4.el9pc.src",
"9Base-satellite-6.16:python-pulp-rpm-0:3.26.8-1.el9pc.src",
"9Base-satellite-6.16:python3.11-pillow-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pillow-debuginfo-0:12.2.0-1.el9pc.x86_64",
"9Base-satellite-6.16:python3.11-pulp-ansible-1:0.21.10-4.el9pc.noarch",
"9Base-satellite-6.16:python3.11-pulp-rpm-0:3.26.8-1.el9pc.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-foreman_maintain-1:1.7.14-1.el9sat.src",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-katello-0:4.14.0.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.9-1.el9sat.src",
"9Base-satellite-6.16:satellite-cli-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.9-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.noarch",
"9Base-satellite-6.16:satellite-lifecycle-0:6.16.0-3.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.src",
"9Base-satellite-6.16:yggdrasil-worker-forwarder-0:0.0.3-5.el9sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing"
}
]
}
RHSA-2026:27126
Vulnerability from csaf_redhat - Published: 2026-06-18 16:31 - Updated: 2026-07-01 00:14
A flaw was found in Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, causing it to use mismatched memory management routines. This could cause the server to crash with a "free(): invalid pointer" error, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. Validating such a chain is inefficient and consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64 | — |
Workaround
|
A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift distributed tracing platform (Tempo) 3.10.0 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat OpenShift distributed tracing platform (Tempo) provides new features, security improvements, and bug fixes.\n\n\nBreaking changes:\n\n* None.\n\n\nDeprecations:\n\n* None.\n\n\nTechnology Preview features:\n\n* None.\n\n\nEnhancements:\n\n* TempoStack support for the automatically injected CA bundle: The TempoStack custom resource supports the automatically injected CA bundle ca-bundle.crt for storage TLS configuration. This CA bundle is supported in addition to the service-ca.crt and ca.crt certificates. As a result, you can use the automatically injected CA bundle to simplify TLS configuration for storage for your TempoStack instances. For more information, see https://redhat.atlassian.net/browse/TRACING-6222.\n\n* Cluster TLS profile adherence: This update introduces support for cluster TLS profile adherence. The Operator uses the TLS configuration from the APIServer custom resource in all TLS communication in the Operator and its operands. As a result, you can configure the TLS cluster profile by using environment variables. For more information, see https://redhat.atlassian.net/browse/TRACING-5845.\n\n* Optional spec.size field provides predefined resource configurations: The TempoStack custom resource supports the optional spec.size field, which provides predefined, pre-tested resource configurations. The following sizes are available: 1x.demo, 1x.pico, 1x.extra-small, 1x.small, and 1x.medium. The selected size sets the resource requests and limits for the TempoStack components and a default replication factor if one is not explicitly specified. The default replication factor is 1 for 1x.demo and 2 for the other sizes. As a result, you can deploy a TempoStack instance without manually calculating resources for each component. 
For more information, see https://redhat.atlassian.net/browse/TRACING-5376.\n\n* Custom environment variables for TempoStack containers: The TempoStack custom resource supports the spec.env and spec.envFrom fields, which allow you to inject custom environment variables into all Tempo containers, including values sourced from a secret or config map. Combined with the spec.extraConfig field, you can reference these environment variables in the Tempo configuration by using the ${VAR_NAME} syntax. As a result, you can supply the password for a password-protected Redis cache from a secret instead of embedding it in the custom resource. For more information, see https://redhat.atlassian.net/browse/TRACING-5933.\n\n\nBug fixes:\n\n* The tempo-gateway-opa container starts in namespaces that enforce a LimitRange: Before this update, the tempo-gateway-opa container was created without default resource requests and limits when percentage-based resource calculation was used. As a consequence, the container could fail to start in namespaces that enforce a LimitRange resource. With this update, the Operator sets default resource requests and limits on the tempo-gateway-opa container. As a result, the tempo-gateway-opa container starts as expected. For more information, see https://redhat.atlassian.net/browse/TRACING-5716.\n\n* TempoStack and TempoMonolithic resources no longer get stuck in a terminating state: Previously, the certificate rotation controllers in the Tempo Operator updated certificate hash annotations without checking whether a resource had a deletion timestamp. When a TempoStack or TempoMonolithic resource was deleted, these annotation updates caused resource version conflicts that prevented the foreground deletion finalizer from being removed. As a result, resources remained stuck in a terminating state. With this update, the certificate rotation controllers skip annotation updates when a resource is being deleted. 
As a result, TempoStack and TempoMonolithic resources are deleted correctly without getting stuck in a terminating state. For more information, see https://redhat.atlassian.net/browse/TRACING-6138.\n\n* TempoStack gateway pods spread across nodes for high availability: Previously, the TempoStack gateway deployment did not set a pod anti-affinity rule. Other components such as the distributor, querier, query front end, and ingesters did set a pod anti-affinity rule. As a result, all gateway replicas could be scheduled on the same node, reducing high availability. With this update, the gateway and compactor deployments set pod anti-affinity rules. As a result, gateway replicas are spread across nodes, which can improve high availability. For more information, see https://redhat.atlassian.net/browse/TRACING-6148.\n\n* The gateway correctly forwards OTLP HTTP traffic over HTTPS for Tempo Monolithic: Before this update, when Tempo Monolithic was configured with \u0027multitenancy.enabled: true\u0027 and \u0027ingestion.otlp.http.tls.enabled: true\u0027, the gateway forwarded OTLP HTTP traffic to the Tempo receiver using plain HTTP instead of HTTPS. As a consequence, the connection failed with a \u0027connection reset by peer\u0027 error because the receiver expected TLS connections. With this update, the gateway forwards OTLP HTTP traffic over HTTPS when TLS is enabled. As a result, OTLP HTTP ingestion through the gateway works correctly when multitenancy and OTLP HTTP TLS are enabled. For more information, see https://issues.redhat.com/browse/TRACING-5973.\n\n\nKnown issues:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:27126",
"url": "https://access.redhat.com/errata/RHSA-2026:27126"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48431",
"url": "https://access.redhat.com/security/cve/CVE-2025-48431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-43869",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27126.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.10.0 release",
"tracking": {
"current_release_date": "2026-07-01T00:14:45+00:00",
"generator": {
"date": "2026-07-01T00:14:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:27126",
"initial_release_date": "2026-06-18T16:31:31+00:00",
"revision_history": [
{
"date": "2026-06-18T16:31:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-18T16:31:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:14:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.10.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.10::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256%3A03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=1781591522"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3A6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel9\u0026tag=1781589515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3A8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9\u0026tag=1781589458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3A5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9\u0026tag=1781589512"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3Aa72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9-operator\u0026tag=1781589394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3A7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel9\u0026tag=1781587690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3A49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9\u0026tag=1781589494"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3A93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel9\u0026tag=1781589515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3A741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9\u0026tag=1781589458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3Af889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9\u0026tag=1781589512"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3Abd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9-operator\u0026tag=1781589394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3Afbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel9\u0026tag=1781587690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3A8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9\u0026tag=1781589494"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3A964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel9\u0026tag=1781589515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3A6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9\u0026tag=1781589458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3Ae5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9\u0026tag=1781589512"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3A72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9-operator\u0026tag=1781589394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3Aa13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel9\u0026tag=1781587690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3A4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9\u0026tag=1781589494"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3Aed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel9\u0026tag=1781589515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3A0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9\u0026tag=1781589458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3A648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9\u0026tag=1781589512"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3A982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9-operator\u0026tag=1781589394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3A6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel9\u0026tag=1781587690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3Af1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel9\u0026tag=1781589494"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64 as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x as a component of Red Hat OpenShift distributed tracing 3.10.1",
"product_id": "Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.10.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48431",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"discovery_date": "2026-04-28T10:01:26.612789+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463410"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, leading to the use of mismatched memory management routines. This could cause the server to crash with a \"free(): invalid pointer\" error, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48431"
},
{
"category": "external",
"summary": "RHBZ#2463410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463410"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48431"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/8",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/8"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:11:44.283000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T16:31:31+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27126"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. Validating such a chain is inefficient and consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which would require that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T16:31:31+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27126"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-43869",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-05T08:00:56.417384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466660"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "RHBZ#2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r",
"url": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"
}
],
"release_date": "2026-05-05T07:25:48.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-18T16:31:31+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27126"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:5cd85eb3e3db8bc1e9c6f4fabce36953900a458146b7ce708aa0855fcd7a0d8c_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:648a86d94ec347c50f841c2c29e42757c292dc524ab6846fcd5e8e042b62eaff_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:e5d2a94a4e349cc95a0e986b53ce84c465ab4db979ef744fa440b6c0c0e0d470_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:f889ac6aa2e58468186f26e23bbccb138a6a447812c5cd10f27abac59bbff66a_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:6d1a2f14570e24fdf67ead3be0f1009367de068cca2aabb52f208ab7de2f75cb_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:93d0e97f5a2e3a912b278e441ba0d5a12dfbaec7b5fbc74e0024370682835db8_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:964eb3aec90a5349573cf9051fd8216235f5df75df60cefa1be7169798405593_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:ed07d775c269c34ade7d6542e767fecba8d8400e7b4dcf89ffd28dda78cab24c_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:0f3850087eaba5ed9eeb72d17daa80e9e54949ae8784b3188aab230f91972ba0_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:6ce0e7e216cd3ebde9e52aaefdb075be1b50a237ad0842b312f8ff57cc99bc0e_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:741666990f423912210682fd1f01ccff3443a1a9e7a364ee46fb6c72f0ed2c1b_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8a117249236408257bf19cb9d600b03c851b94fa072acccef8ed1ebc18164354_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:03cbea46e6fb4147cb6bcdccd049a1609d3f66901cb125363c52bb821a8ade47_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:6cbf17cad7cf17d49fa078900b19ef9cf4bc6465d259d75fb9137379445df991_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:7b3f78b81dd82c64012c2ef2b2c05dd9fbad2cb270f24fcdf592e606cdc4636e_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:a13fff512de7b06cce174b386e4f1804ea3a146e3a062a22f10e5dfc509daa7a_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:fbe636335dbd0fac4680252d9240115207d8f0753c921d990df4aedbf9c0dbdf_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:72027f041985f99327ea415ee17139770d8d0bdcf7baf13b59591c60fb585b33_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:982cc78ad2616cbed77c2465d51fa61b78e54021ad84e8ecfd9b4aef80f6e39f_s390x",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:a72d0e29b18d3ef6cd8ec6fcfc047cbd51e7506ec8132530b6df89ea7c6fa912_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:bd369ccca53dc35702aad962ae86918076cbe113326d9e09589b2d3324e23bfa_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:49b701eaa9a8c0f97a4a2982b20ee510f294f0c7e06800890c953b98d3f1eebe_amd64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:4b79a6b2a5bd9cf17fe24da802779ae87710e522aeb3538007cf8c2326af2b39_ppc64le",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:8f3b20e29544cc58f8256df89322847fbbaca8e7292d1235da0be9b126d25a90_arm64",
"Red Hat OpenShift distributed tracing 3.10.1:registry.redhat.io/rhosdt/tempo-rhel9@sha256:f1be50dfd7e9621bee928080a8f6f6fc0c9fb37e8c93931926faf4e5b50f1052_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation"
}
]
}
RHSA-2026:27711
Vulnerability from csaf_redhat - Published: 2026-06-22 02:03 - Updated: 2026-07-01 00:14

A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. Validation of such a chain is inefficient and consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osbuild-composer is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:27711",
"url": "https://access.redhat.com/errata/RHSA-2026:27711"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27711.json"
}
],
"title": "Red Hat Security Advisory: osbuild-composer security update",
"tracking": {
"current_release_date": "2026-07-01T00:14:45+00:00",
"generator": {
"date": "2026-07-01T00:14:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:27711",
"initial_release_date": "2026-06-22T02:03:31+00:00",
"revision_history": [
{
"date": "2026-06-22T02:03:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T02:03:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:14:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-8.el10_0.src",
"product": {
"name": "osbuild-composer-0:134.1-8.el10_0.src",
"product_id": "osbuild-composer-0:134.1-8.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-8.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-8.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-8.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-8.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-8.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-8.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-8.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-8.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-8.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-8.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-8.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-8.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-8.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-8.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-8.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-8.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-core-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-8.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-8.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-8.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-8.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-8.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-8.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@134.1-8.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@134.1-8.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@134.1-8.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@134.1-8.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@134.1-8.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@134.1-8.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64",
"product_id": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@134.1-8.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-8.el10_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.src"
},
"product_reference": "osbuild-composer-0:134.1-8.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-core-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which would require that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T02:03:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27711"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.src",
"AppStream-10.0.Z.E2S:osbuild-composer-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-core-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-debugsource-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-tests-debuginfo-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-0:134.1-8.el10_0.x86_64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.aarch64",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.s390x",
"AppStream-10.0.Z.E2S:osbuild-composer-worker-debuginfo-0:134.1-8.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:27740
Vulnerability from csaf_redhat - Published: 2026-06-22 04:12 - Updated: 2026-07-01 00:14
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.2.Z:golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64 | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64 | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64 | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x | — |
Workaround
|
|
| Unresolved product id: AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang-github-openprinting-ipp-usb is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables\n driverless support for USB devices capable of using IPP-over-USB protocol.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:27740",
"url": "https://access.redhat.com/errata/RHSA-2026:27740"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27740.json"
}
],
"title": "Red Hat Security Advisory: golang-github-openprinting-ipp-usb security update",
"tracking": {
"current_release_date": "2026-07-01T00:14:45+00:00",
"generator": {
"date": "2026-07-01T00:14:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:27740",
"initial_release_date": "2026-06-22T04:12:16+00:00",
"revision_history": [
{
"date": "2026-06-22T04:12:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T04:12:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:14:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"product": {
"name": "golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"product_id": "golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openprinting-ipp-usb@0.9.27-7.el10_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"product": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"product_id": "ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb@0.9.27-7.el10_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"product": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"product_id": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openprinting-ipp-usb-debugsource@0.9.27-7.el10_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"product": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"product_id": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb-debuginfo@0.9.27-7.el10_2.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"product": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"product_id": "ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb@0.9.27-7.el10_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"product": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"product_id": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openprinting-ipp-usb-debugsource@0.9.27-7.el10_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"product": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"product_id": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb-debuginfo@0.9.27-7.el10_2.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"product": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"product_id": "ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb@0.9.27-7.el10_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"product": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"product_id": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openprinting-ipp-usb-debugsource@0.9.27-7.el10_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"product": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"product_id": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb-debuginfo@0.9.27-7.el10_2.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ipp-usb-0:0.9.27-7.el10_2.1.x86_64",
"product": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.x86_64",
"product_id": "ipp-usb-0:0.9.27-7.el10_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb@0.9.27-7.el10_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"product": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"product_id": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openprinting-ipp-usb-debugsource@0.9.27-7.el10_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64",
"product": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64",
"product_id": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipp-usb-debuginfo@0.9.27-7.el10_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src"
},
"product_reference": "golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64"
},
"product_reference": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le"
},
"product_reference": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x"
},
"product_reference": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64"
},
"product_reference": "golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.aarch64"
},
"product_reference": "ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.ppc64le"
},
"product_reference": "ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.s390x"
},
"product_reference": "ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-0:0.9.27-7.el10_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.x86_64"
},
"product_reference": "ipp-usb-0:0.9.27-7.el10_2.1.x86_64",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64"
},
"product_reference": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le"
},
"product_reference": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x"
},
"product_reference": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64"
},
"product_reference": "ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64",
"relates_to_product_reference": "AppStream-10.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.x86_64"
],
"known_not_affected": [
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T04:12:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27740"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.x86_64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2.1.src",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:golang-github-openprinting-ipp-usb-debugsource-0:0.9.27-7.el10_2.1.x86_64",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-0:0.9.27-7.el10_2.1.x86_64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.aarch64",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.ppc64le",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.s390x",
"AppStream-10.2.Z:ipp-usb-debuginfo-0:0.9.27-7.el10_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:28010
Vulnerability from csaf_redhat - Published: 2026-06-22 17:15 - Updated: 2026-07-01 00:14

A flaw was found in Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, leading to a mismatched memory management routines vulnerability. This could cause the server to crash with a "free(): invalid pointer" error, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Workaround
|
CVE-2026-41240: A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary script in the user's browser, leading to Cross-Site Scripting (XSS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Workaround
|
CVE-2026-42578: A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
CVE-2026-42579: A flaw was found in Netty. Netty's DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding. This allows a remote attacker to exploit the decoder using malicious DNS responses, or the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
CVE-2026-42581: A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
CVE-2026-42584: A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker in a position to send HTTP responses to the client could exploit this vulnerability by sending a specific sequence of responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses with requests, so that subsequent HTTP responses are parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
CVE-2026-42587: A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
CVE-2026-43869: A flaw was found in Apache Thrift. A certificate whose host does not match the expected peer is not properly rejected during validation, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nSecurity Fix(es):\n\n* DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization (CVE-2026-41240)\n* crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n* shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (CVE-2026-9277)\n* Apache Thrift: Security bypass due to improper certificate validation (CVE-2026-43869)\n* Netty: High integrity impact due to improper DNS domain name constraint enforcement (CVE-2026-42579)\n* Netty: Incorrect HTTP response parsing leads to data confusion (CVE-2026-42584)\n* Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers (CVE-2026-42581)\n* Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation (CVE-2026-42578)\n* Netty: Denial of Service via unbounded memory allocation in HTTP content decompression (CVE-2026-42587)\n* Apache Thrift c_glib: Denial of Service via specially crafted requests (CVE-2025-48431)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28010",
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "2463410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463410"
},
{
"category": "external",
"summary": "2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28010.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2026-07-01T00:14:46+00:00",
"generator": {
"date": "2026-07-01T00:14:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:28010",
"initial_release_date": "2026-06-22T17:15:26+00:00",
"revision_history": [
{
"date": "2026-06-22T17:15:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T17:15:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:14:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 4 on RHEL 9",
"product": {
"name": "Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:4::el9"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.7.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"product_id": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.2.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.2.0-15"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.2.0-10"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.7.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"product_id": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.2.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.2.0-15"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.2.0-10"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48431",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"discovery_date": "2026-04-28T10:01:26.612789+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463410"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, causing it to use mismatched memory management routines. This could cause the server to crash with a \"free(): invalid pointer\" error, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48431"
},
{
"category": "external",
"summary": "RHBZ#2463410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463410"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48431"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/8",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/8"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:11:44.283000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests"
},
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-41240",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-04-23T16:04:41.751666+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461147"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user\u0027s browser, leading to Cross-Site Scripting (XSS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41240"
},
{
"category": "external",
"summary": "RHBZ#2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80",
"url": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m"
}
],
"release_date": "2026-04-23T14:54:32.426000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization"
},
{
"cve": "CVE-2026-42578",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-13T19:02:00.826936+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42578"
},
{
"category": "external",
"summary": "RHBZ#2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr",
"url": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr"
}
],
"release_date": "2026-05-13T17:57:43.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation"
},
{
"cve": "CVE-2026-42579",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-05-13T19:01:25.062732+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477217"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. Netty\u0027s DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important integrity flaw in Netty\u0027s DNS codec. The vulnerability arises from insufficient enforcement of RFC 1035 domain name constraints during both encoding and decoding, allowing remote attackers to exploit the decoder through malicious DNS responses or the encoder through user-influenced hostnames. This could lead to a high integrity impact on affected Red Hat products that utilize the vulnerable Netty DNS codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42579"
},
{
"category": "external",
"summary": "RHBZ#2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm"
}
],
"release_date": "2026-05-13T18:01:52.500000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement"
},
{
"cve": "CVE-2026-42581",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:02:26.404511+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477232"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw. Netty\u0027s HttpObjectDecoder, used across various Red Hat products, improperly handles conflicting `Transfer-Encoding: chunked` and `Content-Length` headers in HTTP/1.0 requests. This allows a remote attacker to perform HTTP request smuggling, potentially bypassing security controls or gaining unauthorized access to information due to misinterpretation of message boundaries by downstream proxies or handlers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42581"
},
{
"category": "external",
"summary": "RHBZ#2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
}
],
"release_date": "2026-05-13T17:54:44.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure any reverse proxies or load balancers in front of Netty to either reject HTTP/1.0 requests containing both Transfer-Encoding: chunked and Content-Length headers, or to explicitly prioritize the Transfer-Encoding header over Content-Length for HTTP/1.0 traffic. This ensures consistent interpretation of message boundaries and prevents request smuggling attacks.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers"
},
{
"cve": "CVE-2026-42584",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:01:51.846351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477224"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. The flaw is on the HTTP client side: a remote attacker who is able to send HTTP responses to a Netty client could exploit it by returning a specific sequence of responses (a 103, followed by a 200 carrying the body for the GET, then another 200 for the HEAD request) when the client pipelines a GET request followed by a HEAD request. This can cause the HttpClientCodec to pair responses with the wrong requests, so that subsequent HTTP responses are parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Netty\u0027s HttpClientCodec allows a remote attacker to cause data confusion. By sending a specially crafted sequence of HTTP responses, an attacker can cause subsequent HTTP responses to be parsed incorrectly, potentially leading to information disclosure or data integrity issues in applications utilizing Netty for HTTP client operations. This vulnerability affects various Red Hat products that bundle Netty, including Red Hat AMQ, Enterprise Application Platform, Red Hat Build of Quarkus, and Red Hat Build of Keycloak.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42584"
},
{
"category": "external",
"summary": "RHBZ#2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3",
"url": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3"
}
],
"release_date": "2026-05-13T18:10:48.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion"
},
{
"cve": "CVE-2026-42587",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:35.415881+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s HTTP content decompression. A remote attacker can exploit this flaw by sending specially crafted compressed payloads using Brotli, Zstandard, or Snappy encodings, bypassing configured decompression limits. This leads to unbounded memory allocation, potentially causing an out-of-memory condition and rendering affected Red Hat systems unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "RHBZ#2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
}
],
"release_date": "2026-05-13T18:22:21.699000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression"
},
{
"cve": "CVE-2026-43869",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-05T08:00:56.417384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466660"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "RHBZ#2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r",
"url": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"
}
],
"release_date": "2026-05-05T07:25:48.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation"
}
]
}
RHSA-2026:28074
Vulnerability from csaf_redhat - Published: 2026-06-23 02:26 - Updated: 2026-07-01 00:14
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for skopeo is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28074",
"url": "https://access.redhat.com/errata/RHSA-2026:28074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28074.json"
}
],
"title": "Red Hat Security Advisory: skopeo security update",
"tracking": {
"current_release_date": "2026-07-01T00:14:46+00:00",
"generator": {
"date": "2026-07-01T00:14:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:28074",
"initial_release_date": "2026-06-23T02:26:54+00:00",
"revision_history": [
{
"date": "2026-06-23T02:26:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-23T02:26:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:14:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.22.2-6.el9_8.src",
"product": {
"name": "skopeo-2:1.22.2-6.el9_8.src",
"product_id": "skopeo-2:1.22.2-6.el9_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.22.2-6.el9_8?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.22.2-6.el9_8.aarch64",
"product": {
"name": "skopeo-2:1.22.2-6.el9_8.aarch64",
"product_id": "skopeo-2:1.22.2-6.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.22.2-6.el9_8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"product": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"product_id": "skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.22.2-6.el9_8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"product_id": "skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.22.2-6.el9_8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"product_id": "skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.22.2-6.el9_8?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.22.2-6.el9_8.ppc64le",
"product": {
"name": "skopeo-2:1.22.2-6.el9_8.ppc64le",
"product_id": "skopeo-2:1.22.2-6.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.22.2-6.el9_8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"product": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"product_id": "skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.22.2-6.el9_8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"product_id": "skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.22.2-6.el9_8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"product_id": "skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.22.2-6.el9_8?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.22.2-6.el9_8.x86_64",
"product": {
"name": "skopeo-2:1.22.2-6.el9_8.x86_64",
"product_id": "skopeo-2:1.22.2-6.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.22.2-6.el9_8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.22.2-6.el9_8.x86_64",
"product": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.x86_64",
"product_id": "skopeo-tests-2:1.22.2-6.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.22.2-6.el9_8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"product_id": "skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.22.2-6.el9_8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"product_id": "skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.22.2-6.el9_8?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.22.2-6.el9_8.s390x",
"product": {
"name": "skopeo-2:1.22.2-6.el9_8.s390x",
"product_id": "skopeo-2:1.22.2-6.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.22.2-6.el9_8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.22.2-6.el9_8.s390x",
"product": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.s390x",
"product_id": "skopeo-tests-2:1.22.2-6.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.22.2-6.el9_8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"product": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"product_id": "skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.22.2-6.el9_8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"product_id": "skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.22.2-6.el9_8?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.22.2-6.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64"
},
"product_reference": "skopeo-2:1.22.2-6.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.22.2-6.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le"
},
"product_reference": "skopeo-2:1.22.2-6.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.22.2-6.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x"
},
"product_reference": "skopeo-2:1.22.2-6.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.22.2-6.el9_8.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src"
},
"product_reference": "skopeo-2:1.22.2-6.el9_8.src",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.22.2-6.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64"
},
"product_reference": "skopeo-2:1.22.2-6.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x"
},
"product_reference": "skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.22.2-6.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64"
},
"product_reference": "skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le"
},
"product_reference": "skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x"
},
"product_reference": "skopeo-tests-2:1.22.2-6.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.22.2-6.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
},
"product_reference": "skopeo-tests-2:1.22.2-6.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T02:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28074"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which would require that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T02:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28074"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T02:26:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28074"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debuginfo-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-debugsource-2:1.22.2-6.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:skopeo-tests-2:1.22.2-6.el9_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:28441
Vulnerability from csaf_redhat - Published: 2026-06-23 17:33 - Updated: 2026-07-01 00:13

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate, which is then processed when the `HostnameError.Error()` function constructs its error string. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` and do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted sources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Openshift Mirror Registry v2.0.11",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Mirror Registry v2.0.11",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28441",
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32589",
"url": "https://access.redhat.com/security/cve/CVE-2026-32589"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32590",
"url": "https://access.redhat.com/security/cve/CVE-2026-32590"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28441.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Openshift Mirror Registry v2.0.11",
"tracking": {
"current_release_date": "2026-07-01T00:13:05+00:00",
"generator": {
"date": "2026-07-01T00:13:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:28441",
"initial_release_date": "2026-06-23T17:33:12+00:00",
"revision_history": [
{
"date": "2026-06-23T17:33:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-23T17:33:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T00:13:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "mirror registry for Red Hat OpenShift 2.0",
"product": {
"name": "mirror registry for Red Hat OpenShift 2.0",
"product_id": "mirror registry for Red Hat OpenShift 2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:mirror_registry:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "mirror registry for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64",
"product": {
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64",
"product_id": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mirror-registry-rhel8@sha256%3Ad1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e?arch=amd64\u0026repository_url=registry.redhat.io/openshift/mirror-registry-rhel8\u0026tag=1782177012"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"product": {
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"product_id": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mirror-registry-rhel8@sha256%3A97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift/mirror-registry-rhel8\u0026tag=1782177012"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"product": {
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"product_id": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mirror-registry-rhel8@sha256%3A8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29?arch=s390x\u0026repository_url=registry.redhat.io/openshift/mirror-registry-rhel8\u0026tag=1782177012"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x as a component of mirror registry for Red Hat OpenShift 2.0",
"product_id": "mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x"
},
"product_reference": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"relates_to_product_reference": "mirror registry for Red Hat OpenShift 2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le as a component of mirror registry for Red Hat OpenShift 2.0",
"product_id": "mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le"
},
"product_reference": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"relates_to_product_reference": "mirror registry for Red Hat OpenShift 2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64 as a component of mirror registry for Red Hat OpenShift 2.0",
"product_id": "mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
},
"product_reference": "registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64",
"relates_to_product_reference": "mirror registry for Red Hat OpenShift 2.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` and do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted sources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain, which would require that the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"acknowledgments": [
{
"names": [
"Antony Di Scala",
"Michael Whale"
]
}
],
"cve": "CVE-2026-32589",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2026-03-12T14:43:07.878000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2446963"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mirror-registry: quay: insecure direct object reference in BlobUpload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation requires valid login credentials to the Quay registry. Unauthenticated users cannot exploit this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32589"
},
{
"category": "external",
"summary": "RHBZ#2446963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32589",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589"
}
],
"release_date": "2026-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mirror-registry: quay: insecure direct object reference in BlobUpload"
},
{
"acknowledgments": [
{
"names": [
"Antony Di Scala",
"Michael Whale"
]
}
],
"cve": "CVE-2026-32590",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2026-03-12T14:43:11.443000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2446964"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mirror-registry: remote code execution using pickle deserialization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation requires valid login credentials. The attacker must be authenticated to the registry, either through the web interface or through a container tool such as Podman.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32590"
},
{
"category": "external",
"summary": "RHBZ#2446964",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32590",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590"
}
],
"release_date": "2026-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-23T17:33:12+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:8a0035c2841dbc7ae063f1298006ef23509dba3bc02a99f19915033255df4a29_s390x",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:97ecafca4a852ecc1f897eaa54ced5a3301d53981ed6a7f5dee20d3a33db0d48_ppc64le",
"mirror registry for Red Hat OpenShift 2.0:registry.redhat.io/openshift/mirror-registry-rhel8@sha256:d1d86fccb45733d6be9a15f64ea8a6c7953a72d58c95f6b67c7f55dd8107ca9e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mirror-registry: remote code execution using pickle deserialization"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.