Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-32286 (GCVE-0-2026-32286)
Vulnerability from cvelistv5 – Published: 2026-03-26 19:40 – Updated: 2026-04-02 19:08
VLAI?
EPSS
Title
Denial of service in github.com/jackc/pgproto3/v2
Summary
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.
Severity ?
7.5 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| github.com/jackc/pgproto3/v2 | github.com/jackc/pgproto3/v2 |
Unaffected:
0 , < 2.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32286",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T14:08:15.986882Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T14:55:11.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "affected",
"packageName": "github.com/jackc/pgproto3/v2",
"product": "github.com/jackc/pgproto3/v2",
"programRoutines": [
{
"name": "DataRow.Decode"
},
{
"name": "Frontend.Receive"
}
],
"vendor": "github.com/jackc/pgproto3/v2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T19:08:53.981Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://github.com/advisories/GHSA-jqcq-xjh3-6g23"
},
{
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"title": "Denial of service in github.com/jackc/pgproto3/v2"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-32286",
"datePublished": "2026-03-26T19:40:51.974Z",
"dateReserved": "2026-03-11T16:38:46.556Z",
"dateUpdated": "2026-04-02T19:08:53.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-32286",
"date": "2026-05-02",
"epss": "0.00064",
"percentile": "0.19628"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32286\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-03-26T20:16:12.303\",\"lastModified\":\"2026-04-02T20:16:23.443\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n DataRow.Decode no valida correctamente las longitudes de los campos. Un servidor PostgreSQL malicioso o comprometido puede enviar un mensaje DataRow con una longitud de campo negativa, causando un p\u00e1nico de desbordamiento de l\u00edmites de slice.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"references\":[{\"url\":\"https://github.com/advisories/GHSA-jqcq-xjh3-6g23\",\"source\":\"security@golang.org\"},{\"url\":\"https://github.com/golang/vulndb/issues/4518\",\"source\":\"security@golang.org\"},{\"url\":\"https://github.com/jackc/pgx/issues/2507\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4518\",\"source\":\"security@golang.org\"},{\"url\":\"https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32286\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-30T14:08:15.986882Z\"}}}], \"references\": [{\"url\": \"https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-30T14:08:56.643Z\"}}], \"cna\": {\"title\": \"Denial of service in github.com/jackc/pgproto3/v2\", \"affected\": [{\"vendor\": \"github.com/jackc/pgproto3/v2\", \"product\": \"github.com/jackc/pgproto3/v2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"2.0.0\", \"versionType\": \"semver\"}], \"packageName\": \"github.com/jackc/pgproto3/v2\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"affected\", \"programRoutines\": [{\"name\": \"DataRow.Decode\"}, {\"name\": \"Frontend.Receive\"}]}], \"references\": [{\"url\": \"https://github.com/advisories/GHSA-jqcq-xjh3-6g23\"}, {\"url\": \"https://github.com/jackc/pgx/issues/2507\"}, {\"url\": \"https://github.com/golang/vulndb/issues/4518\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4518\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-125: Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-04-02T19:08:53.981Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32286\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-02T19:08:53.981Z\", \"dateReserved\": \"2026-03-11T16:38:46.556Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-03-26T19:40:51.974Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:11856
Vulnerability from csaf_redhat - Published: 2026-04-29 17:11 - Updated: 2026-05-02 03:25Summary
Red Hat Security Advisory: Red Hat Quay 3.12.17
Severity
Important
Notes
Topic: Red Hat Quay 3.12.17 is now available with bug fixes.
Details: Quay 3.12.17
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
No description is available for this CVE.
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
Workaround
To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11856
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.12.17 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.12.17",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11856",
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11856.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.12.17",
"tracking": {
"current_release_date": "2026-05-02T03:25:55+00:00",
"generator": {
"date": "2026-05-02T03:25:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2026:11856",
"initial_release_date": "2026-04-29T17:11:19+00:00",
"revision_history": [
{
"date": "2026-04-29T17:11:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T17:11:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-02T03:25:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.12",
"product": {
"name": "Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776698050"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Acba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776698909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Adbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776698050"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ac5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Ae2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776888642"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aa696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aaf6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ab615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ad682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ab64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ae7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:11996
Vulnerability from csaf_redhat - Published: 2026-04-30 01:20 - Updated: 2026-05-02 03:25Summary
Red Hat Security Advisory: Red Hat Quay 3.9.21
Severity
Important
Notes
Topic: Red Hat Quay 3.9.21 is now available with bug fixes.
Details: Quay 3.9.21
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
No description is available for this CVE.
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11996
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11996
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11996
Workaround
To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11996
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11996
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11996
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.9.21 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.9.21",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11996",
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11996.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.9.21",
"tracking": {
"current_release_date": "2026-05-02T03:25:55+00:00",
"generator": {
"date": "2026-05-02T03:25:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2026:11996",
"initial_release_date": "2026-04-30T01:20:06+00:00",
"revision_history": [
{
"date": "2026-04-30T01:20:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-30T01:20:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-02T03:25:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.9",
"product": {
"name": "Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776963375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776962931"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ad201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956601"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705943"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777327525"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777328140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776782369"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aa0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776962931"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1777327525"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ab8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776782369"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ad18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776962931"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ac2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1777327525"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Abad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776782369"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:11217
Vulnerability from csaf_redhat - Published: 2026-04-27 23:24 - Updated: 2026-05-02 03:25Summary
Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
8.3 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
8.3 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.
6.5 (Medium)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11217
Workaround
To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11217",
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35469",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11217.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-02T03:25:52+00:00",
"generator": {
"date": "2026-05-02T03:25:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2026:11217",
"initial_release_date": "2026-04-27T23:24:47+00:00",
"revision_history": [
{
"date": "2026-04-27T23:24:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-27T23:24:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-02T03:25:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ab950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Abdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ac6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aedc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ab4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adaf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Af6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aaa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ac5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aa8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Abb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ad639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-35469",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-13T03:52:35+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "RHBZ#2457729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
}
],
"release_date": "2026-04-13T23:59:59+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code"
}
]
}
RHSA-2026:11070
Vulnerability from csaf_redhat - Published: 2026-04-27 20:25 - Updated: 2026-05-02 03:25Summary
Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
8.3 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
8.3 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.
6.5 (Medium)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:11070
Workaround
To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11070",
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35469",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11070.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-02T03:25:51+00:00",
"generator": {
"date": "2026-05-02T03:25:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2026:11070",
"initial_release_date": "2026-04-27T20:25:56+00:00",
"revision_history": [
{
"date": "2026-04-27T20:25:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-27T20:25:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-02T03:25:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Af41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ab950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Adbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ac2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Acfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Abf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adaf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Af6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ae8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ae4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aeafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Abb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ad639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-35469",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-13T03:52:35+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "RHBZ#2457729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
}
],
"release_date": "2026-04-13T23:59:59+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code"
}
]
}
RHSA-2026:11916
Vulnerability from csaf_redhat - Published: 2026-04-29 21:18 - Updated: 2026-05-02 03:25Summary
Red Hat Security Advisory: Red Hat Quay 3.10.21
Severity
Important
Notes
Topic: Red Hat Quay 3.10.21 is now available with bug fixes.
Details: Quay 3.10.21
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
No description is available for this CVE.
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
Workaround
To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
Workaround
To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:11916
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.10.21 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.10.21",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11916",
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11916.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.10.21",
"tracking": {
"current_release_date": "2026-05-02T03:25:55+00:00",
"generator": {
"date": "2026-05-02T03:25:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2026:11916",
"initial_release_date": "2026-04-29T21:18:39+00:00",
"revision_history": [
{
"date": "2026-04-29T21:18:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T21:18:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-02T03:25:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.1",
"product": {
"name": "Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Adb1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776785871"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Aa85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776785891"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784548"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776706008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777302567"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777303274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Adcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776736910"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784548"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1777302567"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776736910"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aa39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784548"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1777302567"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Abf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776736910"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
FKIE_CVE-2026-32286
Vulnerability from fkie_nvd - Published: 2026-03-26 20:16 - Updated: 2026-04-02 20:16
Severity ?
Summary
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.
References
| URL | Tags | ||
|---|---|---|---|
| security@golang.org | https://github.com/advisories/GHSA-jqcq-xjh3-6g23 | ||
| security@golang.org | https://github.com/golang/vulndb/issues/4518 | ||
| security@golang.org | https://github.com/jackc/pgx/issues/2507 | ||
| security@golang.org | https://pkg.go.dev/vuln/GO-2026-4518 | ||
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic."
},
{
"lang": "es",
"value": "La funci\u00f3n DataRow.Decode no valida correctamente las longitudes de los campos. Un servidor PostgreSQL malicioso o comprometido puede enviar un mensaje DataRow con una longitud de campo negativa, causando un p\u00e1nico de desbordamiento de l\u00edmites de slice."
}
],
"id": "CVE-2026-32286",
"lastModified": "2026-04-02T20:16:23.443",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2026-03-26T20:16:12.303",
"references": [
{
"source": "security@golang.org",
"url": "https://github.com/advisories/GHSA-jqcq-xjh3-6g23"
},
{
"source": "security@golang.org",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"source": "security@golang.org",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"source": "security@golang.org",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"url": "https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx"
}
],
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
}
GHSA-JQCQ-XJH3-6G23
Vulnerability from github – Published: 2026-03-18 13:00 – Updated: 2026-03-30 20:33
VLAI?
Summary
Denial of service in github.com/jackc/pgproto3/v2
Details
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/jackc/pgproto3/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"last_affected": "2.3.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-32286"
],
"database_specific": {
"cwe_ids": [
"CWE-129"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-18T13:00:31Z",
"nvd_published_at": "2026-03-26T20:16:12Z",
"severity": "HIGH"
},
"details": "The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.",
"id": "GHSA-jqcq-xjh3-6g23",
"modified": "2026-03-30T20:33:03Z",
"published": "2026-03-18T13:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"type": "WEB",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"type": "WEB",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448626"
},
{
"type": "PACKAGE",
"url": "https://github.com/jackc/pgproto3"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
},
{
"type": "WEB",
"url": "https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Denial of service in github.com/jackc/pgproto3/v2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…